client IP ¸¦ ¾ò±â À§ÇÑ X-Forwarded-For(XFF) http header
°³¹ßÇÒ °æ¿ì client ip ¸¦ ½Äº°ÇÒ ÇÊ¿ä°¡ ÀÖ´Ù¸é ¸ÕÀú Àú Çì´õ°¡ ÀÖ´ÂÁö È®ÀÎÇÑ ÈÄ¿¡ ¾øÀ¸¸é
getRemoteAddr() ·Î IP ¸¦ ¾òÀ¸¸é µÇ°ÚÁö¶ó°í »ý°¢ÇÒ ¼öµµ ÀÖ°ÚÁö¸¸ ÀÌ°Ô ³¡Àº ¾Æ´Ï´Ù.
XFF ´Â »ç½Ç»óÀÇ Ç¥ÁØÀÌÁö Á¤½Ä RFC ¿¡ Æ÷ÇÔµÈ°Ô ¾Æ´Ï¹Ç·Î ´ë°³´Â Âø½ÇÇÏ°Ô Àú Çì´õ¸¦ »ç¿ëÇÏÁö¸¸ ¾û¶×ÇÑ Çì´õ¸¦ »ç¿ëÇÏ´Â Á¦Ç°µéÀÌ ÀÖ´Ù.
±×Áß¿¡ ÇϳªÀÎ WebLogic Connector ´Â Àú Çì´õ¸¦ »ç¿ëÇÏÁö ¾Ê°í WL-Proxy-Client-IP ³ª Proxy-Client-IP °°Àº ÀüÇô ¾û¶×ÇÑ Çì´õ¸¦ »ç¿ëÇϹǷΠ¸¸¾à ¸¸µå´Â À¥ ¾îÇø®ÄÉÀ̼ÇÀÌ WebServer, WAS, L4, proxy Á¾·ù¿¡ »ó°ü¾øÀÌ client IP ¸¦ Àß °¡Á®¿À±â¸¦ ¹Ù¶õ´Ù¸é ´ÙÀ½°ú °°Àº ¼ø¼·Î IP ¸¦ ¾ò¾î³»¾ß ÇÑ´Ù.
String ip = request.getHeader("X-Forwarded-For");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
[Âü°í]
localhost¿¡¼ Å×½ºÆ® ÇÏ´Â °æ¿ì 0:0:0:0:0:0:0:1 °ªÀ¸·Î ³Ñ¾î ¿À´Â °æ¿ì°¡ ÀÖ´Ù.
ÀÌ °ªÀº IPv6 ¿¡¼ IPv4ÀÇ 127.0.0.1 °ú °°Àº °ªÀÌ´Ù.
TomcatÀ¸·Î °³¹ß½Ã ¹®Á¦°¡ µÇ´Â °æ¿ì vm arguments¿¡ -Djava.net.preferIPv4Stack=true °ªÀ» ³Ö¾î ÁÖ¸é µÈ´Ù.
Ãâó: http://lesstif.com/pages/viewpage.action?pageId=20775886
[Ãâó] client IP ¸¦ ¾ò±â À§ÇÑ X-Forwarded-For(XFF) http header|ÀÛ¼ºÀÚ ½êÀÌ