The Tomcat server logs the following warning on the server terminal while accessing pages from the browser after upgrading Tomcat from 8.0.5 to 8.0.9.0.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. WARNING *********** NetBeans HTTP Monitor ************ The request cannot be recorded most likely because the NetBeans HTTP Monitor module is disabled. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain. The relevant software :
- Spring 4.0.0 GA
- Spring Security 3.2.0 GA.
- JSF 2.2.8-02
- PrimeFaces 5.1 final
- PrimeFaces Extension 2.1.0
- JDK 8u25
- NetBeans 8.0.1
The web.xml file :
<?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/applicationContext.xml /WEB-INF/spring-security.xml </param-value> </context-param> <context-param> <param-name>javax.faces.FACELETS_LIBRARIES</param-name> <param-value>/WEB-INF/my.taglib.xml</param-value> </context-param> <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Production</param-value> </context-param> <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>server</param-value> </context-param> <context-param> <param-name>log4jConfigLocation</param-name> <param-value>/WEB-INF/log4j.properties</param-value> </context-param> <context-param> <param-name>log4jExposeWebAppRoot</param-name> <param-value>false</param-value> </context-param> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class> org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter> <filter-name>loginNocacheFilter</filter-name> <filter-class>filter.LoginNocacheFilter</filter-class> </filter> <filter-mapping> <filter-name>loginNocacheFilter</filter-name> <url-pattern>/utility/*</url-pattern> </filter-mapping> <filter> <filter-name>NoCacheFilter</filter-name> <filter-class>filter.NoCacheFilter</filter-class> </filter> <filter-mapping> <filter-name>NoCacheFilter</filter-name> <url-pattern>/admin_side/*</url-pattern> </filter-mapping> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener> <listener> <listener-class> org.springframework.web.context.request.RequestContextListener </listener-class> </listener> <listener> <listener-class> org.springframework.security.web.session.HttpSessionEventPublisher </listener-class> </listener> <listener> <listener-class> org.springframework.web.util.Log4jConfigListener </listener-class> </listener> <filter> <filter-name>PrimeFaces FileUpload Filter</filter-name> <filter-class> org.primefaces.webapp.filter.FileUploadFilter </filter-class> </filter> <filter-mapping> <filter-name>PrimeFaces FileUpload Filter</filter-name> <servlet-name>Faces Servlet</servlet-name> </filter-mapping> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.jsf</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <security-constraint> <display-name>Restrict direct access to XHTML files</display-name> <web-resource-collection> <web-resource-name>XHTML files</web-resource-name> <url-pattern>*.xhtml</url-pattern> </web-resource-collection> <auth-constraint/> </security-constraint> <session-config> <session-timeout> 120 </session-timeout> </session-config> <welcome-file-list> <welcome-file>/utility/Login.jsf</welcome-file> </welcome-file-list> <resource-ref> <res-ref-name>jdbc/social_networking</res-ref-name> <res-type>javax.sql.DataSource</res-type> <res-auth>Container</res-auth> </resource-ref> </web-app> This did not happen in the previous Tomcat server (8.0.5). Is there a fix?
Note : In my previous question (a year ago), I disabled the HTTP monitor to just suppress the warning. It was not a solution.
EDIT : I forgot to mention but it is clear that this warning appears after Filters pertaining to Spring Security are registered in web.xml.