简体繁体 English

jsp获取ip地址

[英]jsp get ip address

原文 2009-04-05 11:27:02 9 6 java/ jsp

whats the best way of preventing someone from voting twice? 什么是阻止某人投票两次的最佳方式？ How do i get the users ip address? 我如何获得用户的IP地址？ What if they are on a large network? 如果他们在大型网络上怎么办？ will everyone on that network show the same ip? 那个网络上的每个人都会显示相同的IP吗？ thanks 谢谢

UPDATE: request.getRemoteAddr() and request.getRemoteHost() return the Server names, not the client's host name and ip. 更新：request.getRemoteAddr（）和request.getRemoteHost（）返回服务器名称，而不是客户端的主机名和IP。 Anyone else got any bright ideas? 其他人有什么好主意吗？

Ok, so lets forget about the voting twice thing. 好吧，让我们忘记投票两次。 Im just trying to get the users ip address? 我只是想获取用户的IP地址？ i tried request.getRemoteAddr() and request.getRemoteHost() and think im getting the servers address. 我尝试了request.getRemoteAddr（）和request.getRemoteHost（），并认为我获取服务器地址。 I have access to two separate networks and am getting the same IP address :( 我有权访问两个独立的网络，并获得相同的IP地址:(

6 个解决方案

In your JSP, use request.getRemoteAddr() . 在JSP中，使用request.getRemoteAddr（） 。 This returns the IP address of the agent that sent the request as a String. 这将返回以String形式发送请求的代理的IP地址。

Also, request.getRemoteHost() will attempt to get the fully qualified host name. 此外， request.getRemoteHost（）将尝试获取标准主机名。 If it can't resolve the name however, the IP address will be returned as in getRemoteAddr() . 但是，如果它无法解析名称，则将返回IP地址，如getRemoteAddr（）中所示 。

To get the IP of a client behind a router/firewall you can use request.getHeader("X-FORWARDED-FOR") . 要获取路由器/防火墙后面的客户端的IP，您可以使用request.getHeader("X-FORWARDED-FOR") 。

The X-Forwarded-For (XFF) HTTP header is a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. X-Forwarded-For（XFF）HTTP标头是用于识别通过HTTP代理或负载平衡器连接到Web服务器的客户端的原始IP地址的事实标准。 http://en.wikipedia.org/wiki/X-Forwarded-For http://en.wikipedia.org/wiki/X-Forwarded-For

Keep in mind though, that this value can be changed by the proxies between you and the client. 但请记住，您和客户之间的代理可以更改此值。 Though it should be the correct IP. 虽然它应该是正确的IP。

If users are behind NAT router or proxy server , you will see them with the same IP address. 如果用户位于NAT路由器或代理服务器后面，您将看到它们具有相同的IP地址。 Therefore, it is not the best way of allowing users to vote once. 因此，它不是允许用户投票一次的最佳方式。

An alternative would be to use cookies , but again, it is possible to erase the cookie and vote again. 另一种方法是使用cookie ，但同样可以删除cookie并再次投票。

AFAIK the ONLY way of preventing a second vote is by authenticating. AFAIK防止第二次投票的唯一方法是通过身份验证。 Obviously this is not always possible, so you have to mitigate the possibility of a single user casting a ton of votes. 显然，这并不总是可行的，因此你必须减少单个用户投下大量选票的可能性。

Throttle the voting by source IP. 按源IP限制投票。 Use the getRemoteAddr() to allow, say... a vote per hour?... per minute? 使用getRemoteAddr（）允许，比如......每小时一次投票？......每分钟？ ... it will depend on how much voting you expect. ......这取决于你期望的投票数量。 Adjust the number according to experience. 根据经验调整数量。
Plant a cookie on the response for every voting poll, which expires after the ballot closes. 为每次投票投票制作一个cookie ，该投票在投票结束后到期。
Make it harder to forge requests by checking and validating headers like Referer and User-Agent . 通过检查和验证Referer和User-Agent类的标头，更难以伪造请求。

在JSP页面中，只需使用以下表达式： ${pageContext.request.remoteAddr}

You can get the IP address with request.getRemoteAddr(). 您可以使用request.getRemoteAddr（）获取IP地址。 If the network is using a NAT router, all users will get the same address though 如果网络使用NAT路由器，则所有用户都将获得相同的地址