You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Mohamed Saad (Jira)" <ji...@apache.org> on 2021/08/15 15:56:00 UTC
[jira] [Created] (SOLR-15584) There is a kind of brute-force trials
to access Solr using a different PORT every few minutes
Mohamed Saad created SOLR-15584:
-----------------------------------
Summary: There is a kind of brute-force trials to access Solr using a different PORT every few minutes
Key: SOLR-15584
URL: https://issues.apache.org/jira/browse/SOLR-15584
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: Authentication
Affects Versions: 7.2.1
Environment: Solr 7.2.1
Sitecore 9.1
Azure
Reporter: Mohamed Saad
Attachments: image-2021-08-15-18-50-33-877.png, image-2021-08-15-18-51-49-813.png, image-2021-08-15-18-52-28-177.png
we are using Solr 7.2.1 with Sitecore 9.1 in the Azure app serves
and we are notes in the log file error "
java.io.IOException: The user name or password is incorrect "
admin team restarted the Solr server and we noticed after restarting
*alot of requests and each request is followed by number of trials and it ends-up by exception firing.*
*There is a kind of brute-force trials to access a different PORT every few minutes) which all lead to failures*
:java.io.IOException: The user name or password is incorrect
at java.io.WinNTFileSystem.canonicalize0(Native Method)
at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
at java.io.File.getCanonicalPath(File.java:620)
at org.apache.solr.core.StandardDirectoryFactory.normalize(StandardDirectoryFactory.java:83)
at org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:334)
at org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:351)
at org.apache.solr.core.SolrCore.openNewSearcher(SolrCore.java:1977)
at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:2215)
at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:1952)
at org.apache.solr.update.DirectUpdateHandler2.commit(DirectUpdateHandler2.java:715)
at org.apache.solr.update.processor.RunUpdateProcessor.processCommit(RunUpdateProcessorFactory.java:93)
at org.apache.solr.update.processor.UpdateRequestProcessor.processCommit(UpdateRequestProcessor.java:68)
at org.apache.solr.update.processor.DistributedUpdateProcessor.doLocalCommit(DistributedUpdateProcessor.java:1882)
at org.apache.solr.update.processor.DistributedUpdateProcessor.processCommit(DistributedUpdateProcessor.java:1858)
at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processCommit(LogUpdateProcessorFactory.java:160)
at org.apache.solr.handler.loader.XMLLoader.processUpdate(XMLLoader.java:281)
at org.apache.solr.handler.loader.XMLLoader.load(XMLLoader.java:188)
at org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:97)
at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:68)
at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:177)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2503)
at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:710)
at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:382)
at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:326)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
at org.eclipse.jetty.server.Server.handle(Server.java:534)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
at java.lang.Thread.run(Thread.java:748)
!image-2021-08-15-18-50-33-877.png!
After restarting Server
!image-2021-08-15-18-52-28-177.png!
!image-2021-08-15-18-51-49-813.png!
we need to know the root cause of the issue and if this is some kind of attacks
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org