有关Java Web应用程序和X-REAL-IP标头的问题 [英] A question about java web apps and X-REAL-IP header
问题描述
我正在为客户建立一个项目演示.在我的服务器上,我有很多站点使用不同的技术构建,这些站点在不同端口上的不同服务器下运行.我正在使用nginx作为所有这些的反向代理.这个特定的应用程序是用Java(spring MVC/Blazeds)构建的,将在tomcat 6下部署用于演示(可能也在生产中). Nginx用作反向代理时有一个不错的设置,使它能够在X-REAL-IP标头中传递原始请求的IP地址.我要做的是设置我的应用程序或至少将tomcat设置为将X-REAL-IP标头视为真实请求IP地址.这可能吗?
I'm setting up a demo of a project for a client. On my server I have a lot of sites built with different technologies that are running under different servers on different ports. I'm using nginx as a reverse proxy for all of them. This particular application is built with java (spring MVC / Blazeds) and will be deployed under tomcat 6 for the demo (probably in production too). Nginx has a nice setting when used as reverse proxy that enables it to pass the IP address of the original request in the X-REAL-IP header. What I want to do is set up my application or at least tomcat to treat the X-REAL-IP header as the real request IP address. Is this possible?
推荐答案
这取决于您所说的真实请求IP".如果您谈论的是request.getRemoteAddr()返回的值,那么可以.
这样做的方法是在Web应用程序中设置一个servlet过滤器,该过滤器将拦截所有URL(或仅拦截您要返回X-REAL-IP的URL),并使该过滤器将传入请求包装为HttpServletRequestWrapper,它将覆盖getRemoteAddr()以返回X-REAL-IP值.
That depends on what you mean by "real request IP". If you're talking about the value returned from request.getRemoteAddr() then yes, it's possible.
The way to do that would be to set up a servlet filter in your web application that would intercept all URLs (or only the ones for which you want X-REAL-IP returned) and have that filter wrap incoming request into a descendant of HttpServletRequestWrapper which will override getRemoteAddr() to return X-REAL-IP value.
这篇关于有关Java Web应用程序和X-REAL-IP标头的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
