java jsp获取ip地址
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/718785/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
jsp get ip address
提问by Alan
whats the best way of preventing someone from voting twice? How do i get the users ip address? What if they are on a large network? will everyone on that network show the same ip? thanks
防止某人投票两次的最佳方法是什么?如何获取用户的IP地址?如果他们在大型网络上怎么办?该网络上的每个人都会显示相同的IP吗?谢谢
UPDATE: request.getRemoteAddr() and request.getRemoteHost() return the Server names, not the client's host name and ip. Anyone else got any bright ideas?
更新: request.getRemoteAddr() 和 request.getRemoteHost() 返回服务器名称,而不是客户端的主机名和 IP。其他人有什么好主意吗?
Ok, so lets forget about the voting twice thing. Im just trying to get the users ip address? i tried request.getRemoteAddr() and request.getRemoteHost() and think im getting the servers address. I have access to two separate networks and am getting the same IP address :(
好的,让我们忘记两次投票的事情。我只是想获取用户的 IP 地址?我尝试了 request.getRemoteAddr() 和 request.getRemoteHost() 并认为我正在获取服务器地址。我可以访问两个独立的网络,并且获得相同的 IP 地址 :(
回答by karim79
In your JSP, use request.getRemoteAddr(). This returns the IP address of the agent that sent the request as a String.
在您的 JSP 中,使用request.getRemoteAddr()。这会以字符串形式返回发送请求的代理的 IP 地址。
Also, request.getRemoteHost()will attempt to get the fully qualified host name. If it can't resolve the name however, the IP address will be returned as in getRemoteAddr().
此外,request.getRemoteHost()将尝试获取完全限定的主机名。但是,如果它无法解析名称,则会像getRemoteAddr()一样返回 IP 地址。
回答by Aziz
If users are behind NAT routeror proxy server, you will see them with the same IP address. Therefore, it is not the best way of allowing users to vote once.
如果用户在NAT 路由器或代理服务器后面,您将看到它们具有相同的 IP 地址。因此,这不是让用户投票一次的最佳方式。
An alternative would be to use cookies, but again, it is possible to erase the cookie and vote again.
另一种方法是使用cookie,但同样,可以删除 cookie 并再次投票。
回答by H Marcelo Morales
AFAIK the ONLY way of preventing a second vote is by authenticating. Obviously this is not always possible, so you have to mitigate the possibility of a single user casting a ton of votes.
AFAIK 防止第二次投票的唯一方法是通过身份验证。显然这并不总是可行的,因此您必须降低单个用户投大量票的可能性。
- Throttle the voting by source IP. Use the getRemoteAddr()to allow, say... a vote per hour?... per minute? ... it will depend on how much voting you expect. Adjust the number according to experience.
- Plant a cookieon the response for every voting poll, which expires after the ballot closes.
- Make it harder to forge requests by checking and validating headers like
RefererandUser-Agent.
- 通过源 IP 限制投票。使用getRemoteAddr()允许,比如说...每小时投票?...每分钟?...这将取决于您期望多少投票。根据经验调整数量。
- 在每次投票的响应中植入一个cookie,该cookie在投票结束后过期。
- 通过检查和验证像
Referer和 之类的标头,使伪造请求变得更加困难User-Agent。
回答by Andreas
To get the IP of a client behind a router/firewall you can use
request.getHeader("X-FORWARDED-FOR").
要获取路由器/防火墙后面的客户端的 IP,您可以使用
request.getHeader("X-FORWARDED-FOR").
The X-Forwarded-For (XFF) HTTP header is a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. http://en.wikipedia.org/wiki/X-Forwarded-For
X-Forwarded-For (XFF) HTTP 标头是用于识别通过 HTTP 代理或负载平衡器连接到 Web 服务器的客户端的原始 IP 地址的事实标准。 http://en.wikipedia.org/wiki/X-Forwarded-For
Keep in mind though, that this value can be changed by the proxies between you and the client. Though it shouldbe the correct IP.
但请记住,您和客户端之间的代理可以更改此值。虽然它应该是正确的IP。
回答by zygimantus
In your JSP page simply use this expression: ${pageContext.request.remoteAddr}
在您的 JSP 页面中,只需使用以下表达式: ${pageContext.request.remoteAddr}
回答by Maurice Perry
You can get the IP address with request.getRemoteAddr(). If the network is using a NAT router, all users will get the same address though
您可以使用 request.getRemoteAddr() 获取 IP 地址。如果网络使用的是 NAT 路由器,则所有用户都将获得相同的地址
