I am invoking a Controller method from javascript Ajax call. When I use localhost (fine only for dev) in below code, it invokes the Controller method but if I use IP address (IP is needed when code is hosted in other some other Linux box) in place of localhost, method is not invoked.
This code works as I can see call in the network tab in browser:
var tmpUrl = "https://localhost:<port>/method1?param1=" + value1 + "¶m2="+value2;
$('#serviceBinding').load(tmpUrl);
But when I use IP address in place of localhost, there is no invocation of controller method.
var tmpUrl = "https://xx.xxx.xxx.xx:<port>/method1?param1=" + value1 + "¶m2="+value2;
$('#serviceBinding').load(tmpUrl);
Below is the method in spring Controller.
#GetMapping("/method1")
#CrossOrigin(origins = "*", allowedHeaders = "*")
public String method1(...
I do not see any error related to CORS in the browser but I see below error in the inspect section of browser
GET <full URL> net::ERR_TIMED_OUT
I think you are not able to reach IP address, you don't have a HTTPS certificate for your IP address or you have an incorrect port.
Try to ping your IP address into CLI using ping or tracert commands to check if you can reach that ip address.
Also, are you able to open the full url in your browser?
I have an application implemented with Spring Boot, where I use Spring Security for authentication. I already have "token based" authentication in place, where clients are required to retrieve a token, and then use that token to authenticate in subsequent requests.
I would like to enhance this so that a token could be restricted to a specific hostname, so that is can only be used for requests from that host. This is similar to what the google maps API does with its API keys, where it is possible to restrict them by IP or host name.
Here is the code I have implemented to try to retrieve the request's host name
public String getClientHostName(HttpServletRequest request) {
String hostName = null;
// get the request's IP address
String clientAddress = httpRequest.getRemoteAddr();
String xfHeader = httpRequest.getHeader("X-Forwarded-For");
if (xfHeader != null) {
clientAddress = xfHeader.split(",")[0];
}
// try to resolve the host name from the IP address
try {
InetAddress address = InetAddress.getByName(clientAddress);
hostName = address.getHostName();
} catch (UnknownHostException e) {
logger.error("Failed to get the host name from the request's remote address. ", e);
}
return hostName;
}
I have 2 issues right now:
This code does not always manage to retrieve the hostname. Sometimes it just returns the IP address. I understand this may be down to some IP spoofing check the InetAddress class does.
When testing requests from different hosts, I do not always get the IP address I am expecting. I often get the IP of another host that is forwarding the request (which I thought would be solved by checking "X-Forwarded-For"). This makes me wonder how to even retrieve the IP of the host that is the real originator of the request.
Is there a reliable way to check the host name of the originator of a request?
have you tried getting hostname by String referrer = request.getHeader("referer"); ?
Also, on client side also you can add a snippet to find out the hostname in the headers.
Or you can provide below code to be added on client side and on server you can read the value of domain which will return hostname
<input type="button" value="Register" onClick="call()"/>
<script>
function call(){
var domain=window.location.hostname;
window.open('http://<your-hostname>/register?domain='+domain,'_self');
}
</script>
Normally when I want my public IP from inside my program, I copy-and-paste in this code:
URL whatismyip = new URL("http://checkip.amazonaws.com");
InputStreamReader in = new InputStreamReader(whatismyip.openStream());
BufferedReader in = new BufferedReader(in);
final String ip = in.readLine(); //you get the IP as a String
System.out.println("You IP is: " + ip);
But that code only gives me my public IPV4 address, and if I type "what is my ip" into Google search, I get a different, IPV6 address instead of the IPV4 one. From inside my application, I want to get the IPV6 address, but I would consider it wasteful to parse the entire Google webpage at "https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=what+is+my+ip+" just to find my IPV6 address in it. Does anyone have a better solution that the one I plan on using?
Also, when I try using "https://wtfismyip.com/text" in place of "http://checkip.amazonaws.com", I get a security exception [caused by the leading "https"]
Changing the https to http fixes the security exception, but the updated code still does not work correctly:
{
final URL whatismyip = new URL("http://checkip.amazonaws.com");
BufferedReader in = new BufferedReader(new InputStreamReader(
whatismyip.openStream()));
final String ip = in.readLine(); //you get the IP as a String
System.out.println("Your IPV4 IP is: " + ip);
}
{
final URL whatismyip2 = new URL("http://wtfismyip.com/text");
final BufferedReader in2 = new BufferedReader(new InputStreamReader(
whatismyip2.openStream()));
final String ip2 = in2.readLine(); //you get the IP as a String
Application.printerr("Your IPV6 IP is: " + ip2); // Your IPV6 IP is the same at your IPV4 (wrong because when I check in the web browser is different)
}
In addition, trying to pull the IPV6 address from the Google search "what is my ip" - "https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=what+is+my+ip+" - doesn't even give me an ip address at all, neither ipv4 or ipv6. All I get is this:
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content=
"Search the world's information, including webpages, images, videos and more. Google has many special features
to help you find exactly what you're looking for." name="description"><meta content="noodp" name="robots">
<meta content="/images/google_favicon_128.png" itemprop="image"><title>Google</title><script>(function(){window.google={kEI:'SAxgVa73L4_FgwSy34LgCw',kEXPI:'3700256,3700366,4017578,4026111,4029815,4031300,4032032,4032500,4032521,
4032631,4032643,4032645,4032677,4032926,4033142,4033184,4033191,4033307,4033344,4034425,4035816,4035881,4035980,
4036005,4036345,4036464,4036486,4036531,4036539,4036665,4036896,4037457,4037538,4037611,8300096,8500394,8500851,
8501248,8501279,8501295,8501351,8501406,8501489,8501497,10200083,10201180,10201191',authuser:0,kSID:'c9c918f0_10'};
google.kHL='en';})();(function(){google.lc=[];google.li=0;google.getEI=function(a){for(var b;a&&(!a.getAttribute||!(b=a.getAttribute("eid")));)
a=a.parentNode;return b||google.kEI};google.getLEI=function(a){for(var b=null;a&&(!a.getAttribute||!(b=a.getAttribute("leid")));)a=
a.parentNode;return b};google.https=function(){return"https:"==window.location.protocol};google.ml=function(){};google.time=
function(){return(new Date).getTime()};google.log=function(a,b,e,f,l){var d=new Image,h=google.lc,g=google.li,c="",m=
google.ls||"";d.onerror=d.onload=d.onabort=function(){delete h[g]};h[g]=d;if(!e&&-1==b.search("&ei=")){
var k=google.getEI(f),c="&ei="+k;-1==b.search("&lei=")&&((f=google.getLEI(f))?c+="&lei="+f:k!=google.kEI&&(
c+="&lei="+google.kEI))}a=e||"/"+(l||"gen_204")+"?atyp=i&ct="+a+"&cad="+b+c+m+"&zx="+google.time();/^
http:/i.test(a)&&google.https()?(google.ml(Error("a"),!1,{src:a,glmm:1}),delete h[g]):(window.google&&window.google.vel&&
My planned solution is to use the instructions in:
http://www.rgagnon.com/javadetails/java-fix-certificate-problem-in-HTTPS.html
To get the contents of the https web page https://wtfismyip.com/ (or some other HTTPS page on that site - it doesn't let me get anything if I use http). Then use those contents to deduce your ipv4 and ipv6 addresses. Will see if it works.
Update: This solution works for getting your IPV6 address from an HTTPS site using java
I use java program to get the ip addresses from log file, then i need get the ISP of ip and
the organization of ip. I use
URL url = new URL("http://www.ip-adress.com/ip_tracer/"+ip);
to get the html content and then get the ISP information from the html content,
but this website can only free use 20 times per day, so can you give me someother methods to get the ISP information.
Thanks,
request.getHostAddress();
this will give the ip address
I'm writing a web application, I need to do a audit log for all the actions in the application. For this purpose I need to get the IP Address of the client systems.
I'm using request.getRemoteAddr() to get the remote IP Address. But this has a problem, if the client is behind a proxy this method will give the IP of the proxy system.
When I did some search I found a header attribute called 'X-FORWARDED-FOR' in the HttpRequest object.
Can somebody tell me how exactly this header property works and how can I used this header to get the IP address of the client system.
Thank you
getRemoteIP returns the remote IP address of the user (assuming all HTTP intermediaries are well behaved wrt XFF header).
String getRemoteIP(HttpServletRequest request) {
String xff = request.getHeader("X-Forwarded-For");
if (xff != null) {
return xff.split("[\\s,]+")[0];
}
return request.getRemoteAddr();
}
The client's proxy - typically a firewall or somesuch - will populate the x-forwarded-for header with the ip it receives from its client, which is typically, but is not required to be (in the case of a user going through multiple proxies or firewalls) the ip of the user's machine.
'X-FORWARDED-FOR' is used for identifying the originating/actual IP address of a client connecting to a web server through an HTTP proxy.
You can simply use the value for this attribute to find out the originating client IP, even if it's behind a proxy.