1、背景:阿里云的SLB的负载均衡,在tomcat中获取不到真实IP,而是阿里的内网IP,SLB中俩台或者3台本身是局域网,这里是SLB原理,能够看看。没怎么看懂。呵呵,要细细读下。
2、须要开启tomcat的X-Forwarded-For,在tomcat/conf/server.xml中有一个例如以下的AccessLogValve 日志纪录功能。当配置中的pattern=common时。相应的日志是例如以下,不管正常请求和非法请求都会记录。
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt" pattern='commont' resolveHosts="false"/>3、改动pattern为pattern='%{X-Forwarded-For}i %h %l %u %t "%r" %s %b',则会记录headers头中的X-Forwarded-For信息。能够使用fiddle抓取到X-Forwarded-For信息
4、获取tomcat中的X-Forwarded-For,前提阿里云须要开启获取真实IP例如以下图:
5、Java代码获取X-Forwarded-For
/**
* 获取ip地址,防止集群、代理
* @param request
* @return ip
*/
public static String getAddr(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}