1. 技术文章
  2. MonitorFilter::WARNING: the monitor filter must be the first filter in the chain

MonitorFilter::WARNING: the monitor filter must be the first filter in the chain

ぃ、小莉子 提交于 2019-12-03 14:02:51

问题


The Tomcat server logs the following warning on the server terminal while accessing pages from the browser after upgrading Tomcat from 8.0.5 to 8.0.9.0.

MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
WARNING *********** NetBeans HTTP Monitor ************
The request cannot be recorded most likely because the NetBeans HTTP Monitor module is disabled.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.
MonitorFilter::WARNING: the monitor filter must be the first filter in the chain.

The relevant software :

  • Spring 4.0.0 GA
  • Spring Security 3.2.0 GA.
  • JSF 2.2.8-02
  • PrimeFaces 5.1 final
  • PrimeFaces Extension 2.1.0
  • JDK 8u25
  • NetBeans 8.0.1

The web.xml file : 

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
         http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/applicationContext.xml
            /WEB-INF/spring-security.xml
        </param-value>
    </context-param>

    <context-param>
        <param-name>javax.faces.FACELETS_LIBRARIES</param-name>
        <param-value>/WEB-INF/my.taglib.xml</param-value>
    </context-param>

    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Production</param-value>
    </context-param>
    <context-param>
        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
        <param-value>server</param-value>
    </context-param>

    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>/WEB-INF/log4j.properties</param-value>
    </context-param>
    <context-param>
        <param-name>log4jExposeWebAppRoot</param-name>
        <param-value>false</param-value>
    </context-param>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
            org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>FORWARD</dispatcher>
    </filter-mapping>

    <filter>
        <filter-name>loginNocacheFilter</filter-name>
        <filter-class>filter.LoginNocacheFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>loginNocacheFilter</filter-name>
        <url-pattern>/utility/*</url-pattern>
    </filter-mapping>

    <filter>
        <filter-name>NoCacheFilter</filter-name>
        <filter-class>filter.NoCacheFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>NoCacheFilter</filter-name>
        <url-pattern>/admin_side/*</url-pattern>
    </filter-mapping>

    <listener>
        <listener-class>
            org.springframework.web.context.ContextLoaderListener
        </listener-class>
    </listener>
    <listener>
        <listener-class>
            org.springframework.web.context.request.RequestContextListener
        </listener-class>
    </listener>
    <listener>
        <listener-class>
            org.springframework.security.web.session.HttpSessionEventPublisher
        </listener-class>
    </listener>
    <listener>
        <listener-class>
            org.springframework.web.util.Log4jConfigListener
        </listener-class>
    </listener>

    <filter>
        <filter-name>PrimeFaces FileUpload Filter</filter-name>
        <filter-class>
            org.primefaces.webapp.filter.FileUploadFilter
        </filter-class>
    </filter>
    <filter-mapping>
        <filter-name>PrimeFaces FileUpload Filter</filter-name>
        <servlet-name>Faces Servlet</servlet-name>
    </filter-mapping>

    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.jsf</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <security-constraint>
        <display-name>Restrict direct access to XHTML files</display-name>
        <web-resource-collection>
            <web-resource-name>XHTML files</web-resource-name>
            <url-pattern>*.xhtml</url-pattern>
        </web-resource-collection>
        <auth-constraint/>
    </security-constraint>
    <session-config>
        <session-timeout>
            120
        </session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>/utility/Login.jsf</welcome-file>
    </welcome-file-list>
        <resource-ref>
        <res-ref-name>jdbc/social_networking</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
    </resource-ref>
</web-app>

This did not happen in the previous Tomcat server (8.0.5). Is there a fix?

Note : In my previous question (a year ago), I disabled the HTTP monitor to just suppress the warning. It was not a solution.

EDIT : I forgot to mention but it is clear that this warning appears after Filters pertaining to Spring Security are registered in web.xml.


回答1:


It's a known NB bug when using HttpMonitor for debugging:

https://netbeans.org/bugzilla/show_bug.cgi?id=204775

HttpMonitor will work but it is going to skip some parts of a request if they are processed before by spring (like spring security chain)

You can try to give Spring Security filter an extremely high order and wish it works, which I doubt.



来源:https://stackoverflow.com/questions/26540064/monitorfilterwarning-the-monitor-filter-must-be-the-first-filter-in-the-chain

标签
Spring
spring-mvc
Tomcat
spring-security
tomcat8
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!