HttpServletRequest.getRemoteAddr() returning wrong

2020-06-13 05:47发布

站内问答 / 后端开发
1528 2 4

We need to log the client's IP address from a Seam action. Currently, we're using the code:

ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
HttpServletRequest request = (HttpServletRequest)context.getRequest();

this.remoteAddress =  request.getRemoteAddr();

However, this seems to be always returning an internal address of our network, rather than the client's IP address. From my research, it seems that having a reverse proxy in the network can confuse things, but we might be able to fix it by reconfiguring our web servers. Has anyone else had this problem, and how did you solve it?

We're using JBoss 5.1 app servers and Apache web servers. Thanks!

2条回答
Emotional °昔
2楼-- · 2020-06-13 06:28

What you need is for your reverse proxy to pass the original IP address in a special header, like x-forwarded-for. You can then retrieve this header from your servlet. Additionally, you may want to modify your log file to log this IP address. Example:

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"  
           prefix="access_log." suffix=".txt"
           fileDateFormat="yyyy-MM-dd"
           pattern="%{x-forwarded-for}i %l - %t &quot;%r&quot; %s %b &quot;%{referer}i&quot; &quot;%{user-agent}i&quot;"
           resolveHosts="false"/>
查看更多
0人赞 添加讨论(0) 举报
一纸荒年 Trace。
3楼-- · 2020-06-13 06:40

You can 'see through' a proxy and get the address of the original requestor from the X-FORWARDED-FOR header using

request.getHeader( "X-FORWARDED-FOR" );

I guess a misbehaving proxy between the original requestor and your server could result in the true value being lost.

Ref: wikipedia description of X-FORWARDED-FOR

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)