0

Using the recommend Vaadin code to get an IP address in a setup with apache on the front and tomcat behind using mod_jk always results in getting the Server's IP address:

Page.getCurrent().getWebBrowser().getAddress();

I caught this snippet which explains it's because the connection is coming from Apache, which makes sense, but that solution doesn't work either.

Therefore my question is how do I get the actual user's IP address in Vaadin 8 when the tomcat server is behind apache using mod_jk?

Stephane Grenier
  • 15,527
  • 38
  • 117
  • 192
  • What is the "actual" address? The browser can only see the address it's connected to - seeing anything else presents an information leak and therefore a security risk. In any case, how would seeing (what I presume is) an RFC1918 address for your internal server be helpful?? – Boris the Spider Mar 11 '18 at 09:20
  • I understand that but there should still be some way to confirm the IP address of the user, even if you're behind a proxy. – Stephane Grenier Mar 11 '18 at 20:06

1 Answers1

1
String header = VaadinService.getCurrentRequest().getHeader("x-forwarded-for");
if(header == null || "".equals(header)
    return "";
return InetAddress.getByName(header).getHostAddress();

It's best to do an empty String check just in case to avoid any NullPointerException issues.

Stephane Grenier
  • 15,527
  • 38
  • 117
  • 192