How to get the IP address from the client in Java

1
We are trying to build a java action that can return the IP address of the user that executes that java action. Is this possible in Mendix 5?
asked
3 answers
3

Hi Marco, we have done this for a client. It checks the requests and from what ip addresses on login. It will then check that this user role is able to login from that IP address. If you create a login action listener you can monitor the requests and where they come from. Here is an example:

public class IPRangeCheckerLoginAction extends UserAction<ISession>
{
    private final String userName;
    private final String password;
    private final IMxRuntimeRequest request;
    private final String locale;
    private final String currentSessionId;
    private ILogNode log = Core.getLogger("IPRangechecker");

    public IPRangeCheckerLoginAction(Map<String,? extends Object> params)
    {
        this.userName = (String)params.get("userName");
        this.password = (String)params.get("password");
        this.locale = (String)params.get("locale");
        this.currentSessionId = (String)params.get("currentSessionId");
        this.request = (IMxRuntimeRequest)params.get("request");
    }

    @Override
    public ISession executeAction() throws Exception
    {
        IContext context = Core.createSystemContext();
        String remoteAddress = request.getRemoteAddr();
        String forwardedFor = request.getHeader("X-Forwarded-For");
        String realIP = request.getHeader("X-Real-IP"); // This is the header which should be used to check the IP address range.
        log.info("New login request (X-Real-IP: " + realIP + ", X-Forwarded-For:" + forwardedFor + ", remote address: " + remoteAddress);
        if( realIP == null )
            realIP = forwardedFor;
        if( realIP == null )
            realIP = remoteAddress;

        IUser user = Core.getUser(context, userName);
        if (user == null)
            throw new AuthenticationRuntimeException("Login FAILED: unknown user '" + userName + "'.");
        else if (user.isWebserviceUser())
            throw new AuthenticationRuntimeException("Login FAILED: client login attempt for web service user '" + userName + "'.");
        else if (user.isAnonymous())
            throw new AuthenticationRuntimeException("Login FAILED: client login attempt for guest user '" + userName + "'.");
        else if (user.isActive() == false)
            throw new AuthenticationRuntimeException("Login FAILED: user '" + userName + "' is not active.");
        else if (user.isBlocked() == true)
            throw new AuthenticationRuntimeException("Login FAILED: user '" + userName + "' is blocked.");
        else if (user.getUserRoleNames().isEmpty())
            throw new AuthenticationRuntimeException("Login FAILED: user '" + userName + "' does not have any user roles.");

        if( !validIp(context, realIP, user ) )
            throw new AuthenticationRuntimeException("Login FAILED: user '" + userName + "' is not allowed to login from this ip-address(" + realIP + ")");
        else if (!Core.authenticate(context, user, password))
            throw new AuthenticationRuntimeException("Login FAILED: invalid password for user '" + user.getName() + "'.");

        return Core.initializeSession(this.getContext(), user, locale, currentSessionId);
    }`
answered
1

What would be the way to execute this code (i.e. how do you create a login listener)?

answered
0

Something like this perhaps? //is client behind something? (proxy server/load balancer) String ipAddress = request.getHeader("X-FORWARDED-FOR");
if (ipAddress == null) {
ipAddress = request.getRemoteAddr();
}

answered