下面列出了javax.servlet.http.HttpServletRequest#getRemoteAddr() 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
@Override
public void createForPrivateCalls(String page, String action, String log, HttpServletRequest request) {
// Only log if cerberus_log_publiccalls parameter is equal to Y.
String myUser = "";
String remoteIP = "";
String localIP = "";
if (request != null) {
remoteIP = request.getRemoteAddr();
if (request.getHeader("x-forwarded-for") != null) {
remoteIP = request.getHeader("x-forwarded-for");
}
if (!(request.getUserPrincipal() == null)) {
myUser = ParameterParserUtil.parseStringParam(request.getUserPrincipal().getName(), "");
}
localIP = request.getLocalAddr();
}
this.create(factoryLogEvent.create(0, 0, myUser, null, page, action, log, remoteIP, localIP));
}
/**
* 获取客户端的ip信息
*
* @param request
* @return
*/
public static String getClientIp(HttpServletRequest request) {
String ip = request.getHeader("X-Real-IP");
LOGGER.info("ipadd : " + ip);
if (StringUtils.isBlank(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("X-Forwarded-For");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknow".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
LOGGER.info(" ip --> " + ip);
return ip;
}
public static String getIpAddr(HttpServletRequest request) {
if (request == null) {
return "unknown";
}
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("X-Forwarded-For");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("X-Real-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : ip;
}
public static String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("X-Forwarded-For");
if (!StringUtils.isEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) {
//多次反向代理后会有多个ip值,第一个ip才是真实ip
int index = ip.indexOf(",");
if (index != -1) {
return ip.substring(0, index);
} else {
return ip;
}
}
ip = request.getHeader("X-Real-IP");
if (!StringUtils.isEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) {
return ip;
}
return request.getRemoteAddr();
}
/**
* 获取ip
*
* @param request HttpServletRequest
* @return {String}
*/
public String getIp(HttpServletRequest request) {
Assert.notNull(request, "HttpServletRequest is null");
String ip = request.getHeader("X-Requested-For");
if (StringUtil.isBlank(ip) || CommonConstants.UNKNOWN.equalsIgnoreCase(ip)) {
ip = request.getHeader("X-Forwarded-For");
}
if (StringUtil.isBlank(ip) || CommonConstants.UNKNOWN.equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (StringUtil.isBlank(ip) || CommonConstants.UNKNOWN.equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (StringUtil.isBlank(ip) || CommonConstants.UNKNOWN.equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (StringUtil.isBlank(ip) || CommonConstants.UNKNOWN.equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (StringUtil.isBlank(ip) || CommonConstants.UNKNOWN.equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return StringUtil.isBlank(ip) ? null : ip.split(",")[0];
}
/**
* 获取访问者IP
* <p>
* 在一般情况下使用Request.getRemoteAddr()即可,但是经过nginx等反向代理软件后,这个方法会失效。
* <p>
* 本方法先从Header中获取X-Real-IP,如果不存在再从X-Forwarded-For获得第一个IP(用,分割),
* 如果还不存在则调用Request .getRemoteAddr()。
*
* @param request
* @return
*/
public String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("X-Real-IP");
if (!StringUtils.isBlank(ip) && !"unknown".equalsIgnoreCase(ip)) {
return ip;
}
ip = request.getHeader("X-Forwarded-For");
if (!StringUtils.isBlank(ip) && !"unknown".equalsIgnoreCase(ip)) {
// 多次反向代理后会有多个IP值,第一个为真实IP。
int index = ip.indexOf(',');
if (index != -1) {
return ip.substring(0, index);
} else {
return ip;
}
} else {
return request.getRemoteAddr();
}
}
/**
* 如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP值,那么真
* 正的用户端的真实IP则是取X-Forwarded-For中第一个非unknown的有效IP字符串。
*
* @param request 请求对象
* @return 真实IP
*/
public static String clientIP(ServletRequest request) {
String ip = "127.0.0.1";
if (!(request instanceof HttpServletRequest)) {
return ip;
}
HttpServletRequest req = (HttpServletRequest) request;
ip = req.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = req.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = req.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = req.getRemoteAddr();
}
return ip;
}
public static String getIpAddr(HttpServletRequest request) {
Objects.requireNonNull(request);
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0) {
ip = request.getHeader("X-Forwarded-For");
}
if (ip == null || ip.length() == 0) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0) {
ip = request.getHeader("X-Real-IP");
}
if (ip == null || ip.length() == 0) {
ip = request.getRemoteAddr();
}
return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : ip;
}
private boolean ldapLogin(
HttpServletRequest request, HttpServletResponse response, String username, String password)
throws HttpAction {
if (ldapAuthenticator != null) {
RuntimeException authFailedEx = null;
Set<String> ldapBaseDns = applicationConfiguration.getLdapBaseDn();
for (String ldapBaseDn : ldapBaseDns) {
String ldapDnRegexd = ldapBaseDn.replaceAll("%u", username);
ldapAuthenticator.getLdapAuthenticator().setDnResolver(new FormatDnResolver(ldapDnRegexd));
UsernamePasswordCredentials credentials =
new UsernamePasswordCredentials(username, password, request.getRemoteAddr());
try {
ldapAuthenticator.validate(credentials, new J2EContext(request, response));
} catch (RuntimeException e) {
authFailedEx = e;
continue;
}
LOG.debug("Login success via [LDAP] for: {} at {}", username, request.getRemoteAddr());
CommonProfile profile = credentials.getUserProfile();
profile.setId(username);
String generate = jwtGenerator.generate(profile);
response.addHeader("Set-Cookie", "nna-jwt-token=" + generate);
currentUser.set(username);
return true;
}
if (authFailedEx != null) {
LOG.info("Login failed via [LDAP] for: {}", request.getRemoteAddr());
throw authFailedEx;
}
}
return false;
}
@Test
public void testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithDefaultValues() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setSecure(true);
request.setScheme("https");
request.setHeader("x-forwarded-for", "140.211.11.130");
request.setHeader("x-forwarded-proto", "http");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
boolean actualSecure = actualRequest.isSecure();
Assert.assertFalse("request must be unsecured as header x-forwarded-proto said it is http", actualSecure);
String actualScheme = actualRequest.getScheme();
Assert.assertEquals("scheme must be http as header x-forwarded-proto said it is http", "http", actualScheme);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
/**
* 查找真实的IP地址
*
* @param request
* @return
*/
public String getRemortIP(HttpServletRequest request) {
if (request.getHeader("x-forwarded-for") == null) {
return request.getRemoteAddr();
}
return request.getHeader("x-forwarded-for");
}
@Override
public Authentication attemptAuthentication(final HttpServletRequest request) {
// only support otp login when running securely
if (!request.isSecure()) {
return null;
}
// get the accessToken out of the query string
final String accessToken = request.getParameter(ACCESS_TOKEN);
// if there is no authorization header, we don't know the user
if (accessToken == null) {
return null;
} else {
if (request.getContextPath().equals("/nifi-api")) {
if (isDownloadRequest(request.getPathInfo())) {
// handle download requests
return new OtpAuthenticationRequestToken(accessToken, true, request.getRemoteAddr());
}
} else {
// handle requests to other context paths (other UI extensions)
return new OtpAuthenticationRequestToken(accessToken, false, request.getRemoteAddr());
}
// the path is a support path for otp tokens
return null;
}
}
@RequestMapping("/a")
public Resoult a(@RequestBody String json, HttpServletRequest request, HttpServletResponse response) {
Resoult r = null;
try {
JSONObject req = FastJsonUtils.parseObject(json);
Integer cmd = req.getInteger("cmd");
Long rid = req.getLong("rid");
String token = request.getHeader("access_token");
String clientIp = request.getRemoteAddr();
// TODO 线上环境要判断uid
// 仅限于robot测试使用
if (request.getHeader("uid") != null) {
Long uid = Long.parseLong(request.getHeader("uid"));
if (!RegisterProtocol.whiteList(cmd)) {
if (!auth(uid, clientIp, token)) {
return Resoult.error(0, ErrorCode.TOKEN_EXPIRE_ERROR, "");
}
}
}
Action action = RegisterProtocol.REGISTER_PROTOCOL_MAP.get(cmd);
if (Objects.isNull(action)) {
log.error("Dispatch error! Unknown protocol={}", cmd);
return Resoult.error(cmd, ErrorCode.UNKNOWN_PROTOCOL, "");
}
if (Objects.nonNull(rid)) {
action.setRid(rid);
}
action.setCmd(cmd);
r = action.execute(req, request, response);
} catch (Exception e) {
log.error("", e);
}
return r;
}
/**
* 获取客户端IP
*/
public String getRemortIP(HttpServletRequest request) {
if (request.getHeader("x-forwarded-for") == null) {
return request.getRemoteAddr();
}
return request.getHeader("x-forwarded-for");
}
public static String getIPAddress(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip != null) {
String[] ips = ip.split(",");
ip = ips[0];
}
if (StringUtils.isEmpty(ip)) {
ip = request.getHeader("x-real-ip");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
private void setXForwardedForHeader(HttpServletRequest servletRequest, HttpRequest proxyRequest) {
String headerName = "X-Forwarded-For";
if (doForwardIP) {
String newHeader = servletRequest.getRemoteAddr();
String existingHeader = servletRequest.getHeader(headerName);
if (existingHeader != null) {
newHeader = existingHeader + ", " + newHeader;
}
proxyRequest.setHeader(headerName, newHeader);
}
}
@Override
protected String constructKey(final HttpServletRequest request) {
final String username = request.getParameter(getUsernameParameter());
if (username == null) {
return request.getRemoteAddr();
}
return ClientInfoHolder.getClientInfo().getClientIpAddress() + ';' + username.toLowerCase();
}
public static String getIpAddressForStorage(HttpServletRequest request) {
String ipAddress = request.getRemoteAddr();
return ipAddress.substring(0, ipAddress.lastIndexOf(".")) + ".???";
}
@GET
@Path("/policyList/{repository}")
@Encoded
public String getResourceJSON(@Context HttpServletRequest request,
@PathParam("repository") String repository) {
String epoch = request.getParameter("epoch");
X509Certificate[] certchain = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
String ipAddress = request.getHeader("X-FORWARDED-FOR");
boolean isSecure = request.isSecure();
String policyCount = request.getParameter("policyCount");
String agentId = request.getParameter("agentId");
Long lastKnowPolicyVersion = Long.valueOf(-1);
String capabilityVector = "0";
if (ipAddress == null) {
ipAddress = request.getRemoteAddr();
}
boolean httpEnabled = PropertiesUtil.getBooleanProperty("ranger.service.http.enabled",true);
ServicePolicies servicePolicies = null;
try {
servicePolicies = serviceREST.getServicePoliciesIfUpdated(repository, lastKnowPolicyVersion, 0L, agentId, "", "", false, capabilityVector, request);
} catch(Exception excp) {
logger.error("failed to retrieve policies for repository " + repository, excp);
}
RangerService service = serviceUtil.getServiceByName(repository);
List<RangerPolicy> policies = servicePolicies != null ? servicePolicies.getPolicies() : null;
long policyUpdTime = (servicePolicies != null && servicePolicies.getPolicyUpdateTime() != null) ? servicePolicies.getPolicyUpdateTime().getTime() : 0l;
VXAsset vAsset = serviceUtil.toVXAsset(service);
List<VXResource> vResourceList = new ArrayList<VXResource>();
if(policies != null) {
for(RangerPolicy policy : policies) {
vResourceList.add(serviceUtil.toVXResource(policy, service));
}
}
String file = assetMgr.getLatestRepoPolicy(vAsset, vResourceList, policyUpdTime,
certchain, httpEnabled, epoch, ipAddress, isSecure, policyCount, agentId);
return file;
}
/**
* Instantiates a new Validation session info.
*
* @param req the req
* @param t the t
*/
public ValidationSessionInfo(HttpServletRequest req, String t) {
this.token = t;
this.createDate = new Date();
this.ipAddress = req.getRemoteAddr();
}