我想知道是否apache shiro
提供这样的服务来做基于用户IP地址和用户国家的认证?
是的,@Wouter 感谢您提供信息,但我之前也尝试过覆盖此方法,但我阅读了http://www.mkyong.com/java/how-to-get-client-ip-address-in-java/ 文章避免代理IP地址。
Shiro API gethost()
方法文档说
"Returns the host name of the client from where the authentication attempt originates or if the Shiro environment cannot or chooses not to resolve the hostname to improve performance, this method returns the String representation of the client's IP address.
When used in web environments, this value is usually the same as the ServletRequest.getRemoteHost() value."
那么有什么方法可以检查客户端是否在领域doGetAuthenticationInfo()
方法中的代理服务器旁边,例如
//is client behind something?
String ipAddress = request.getHeader("X-FORWARDED-FOR");
if (ipAddress == null) {
ipAddress = request.getRemoteAddr();
}
...或者这种getHost()
方法对我有用吗?