While this may seem simple, i have tried the usual request.getRemoteAddr(), request.getRemoteHost() but i keep getting my servers address. Something about my configuration, im getting my gateway ip. Does anyone know how to get the acutal users IP address?
thanks
If there's some proxy between you and the user, then you might have to look at the X-Forwarded-For header. Note that this isn't guaranteed to work either, but if you only need "good enough", then it might suffice.
Apache Http will integrate a secure mechanism to handle X-Forwarded-For header with mod_remoteip (1).
Here are a Tomcat valve RemoteIpValve (2) and a servlet filter XForwardedFilter (3) to integrate the X-Forwarded-For and X-Forwarded-Proto headers respectively at the Tomcat and WAR levels with the same secure mechanism as mod_remoteip does.
Thanks to this, request.getRemoteAddr(), request.getRemoteHost(), request.isSecure(), request.getScheme() and request.getServerPort() will expose the values transmitted by X-Forwarded-For and X-Forwarded-Proto rather than the values of the preceding proxy / load balancer.
Hope this helps,
Cyrille
(1) http : / / httpd.apache.org/docs/trunk/mod/mod_remoteip.html
(2) http : / / code.google.com/p/xebia-france/wiki/RemoteIpValve
(3) http://code.google.com/p/xebia-france/wiki/XForwardedFilter
Dear all, here is an update :
[RemoteIpValve has been integrated in Tomcat 6.0.24][1] and [RemoteIpFilter in Tomcat 7.0.0][2]. Here is a detailed article in French : [Tomcat : Adresse IP de l’internaute, load balancer, reverse proxy et header Http X-Forwarded-For][3] (sorry, we didn't have the time to translate this article in English).
Cyrille (Xebia)
[1] http:// tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Remote_IP_Valve
[2] http:// tomcat.apache.org/tomcat-7.0-doc/config/filter.html#Remote_IP_Filter