You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Gus Heck (Jira)" <ji...@apache.org> on 2021/08/15 19:15:00 UTC

[jira] [Commented] (SOLR-15584) There is a kind of brute-force trials to access Solr using a different PORT every few minutes

    [ https://issues.apache.org/jira/browse/SOLR-15584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17399387#comment-17399387 ] 

Gus Heck commented on SOLR-15584:
---------------------------------

Actually, I will say, ignoring your description and just looking at your stack trace it looks more like maybe you've put your index on a filesystem that requires a password.... but that's just a guess.

> There is a kind of brute-force trials to access Solr using a different PORT every few minutes
> ---------------------------------------------------------------------------------------------
>
>                 Key: SOLR-15584
>                 URL: https://issues.apache.org/jira/browse/SOLR-15584
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Authentication
>    Affects Versions: 7.2.1
>         Environment: Solr 7.2.1
> Sitecore 9.1
> Azure 
>            Reporter: Mohamed Saad
>            Priority: Critical
>         Attachments: image-2021-08-15-18-50-33-877.png, image-2021-08-15-18-51-49-813.png, image-2021-08-15-18-52-28-177.png
>
>
> we are using Solr 7.2.1 with Sitecore 9.1 in the Azure app serves 
> and we are notes in the log file error "
> java.io.IOException: The user name or password is incorrect "
> admin team restarted the Solr server and we noticed after restarting 
> *alot of requests and each request is followed by number of trials and it ends-up by exception firing.*
> *There is a kind of brute-force trials to access a different PORT every few minutes) which all lead to failures* 
>  
>  
> :java.io.IOException: The user name or password is incorrect
>                at java.io.WinNTFileSystem.canonicalize0(Native Method)
>                at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
>                at java.io.File.getCanonicalPath(File.java:620)
>                at org.apache.solr.core.StandardDirectoryFactory.normalize(StandardDirectoryFactory.java:83)
>                at org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:334)
>                at org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:351)
>                at org.apache.solr.core.SolrCore.openNewSearcher(SolrCore.java:1977)
>                at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:2215)
>                at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:1952)
>                at org.apache.solr.update.DirectUpdateHandler2.commit(DirectUpdateHandler2.java:715)
>                at org.apache.solr.update.processor.RunUpdateProcessor.processCommit(RunUpdateProcessorFactory.java:93)
>                at org.apache.solr.update.processor.UpdateRequestProcessor.processCommit(UpdateRequestProcessor.java:68)
>                at org.apache.solr.update.processor.DistributedUpdateProcessor.doLocalCommit(DistributedUpdateProcessor.java:1882)
>                at org.apache.solr.update.processor.DistributedUpdateProcessor.processCommit(DistributedUpdateProcessor.java:1858)
>                at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processCommit(LogUpdateProcessorFactory.java:160)
>                at org.apache.solr.handler.loader.XMLLoader.processUpdate(XMLLoader.java:281)
>                at org.apache.solr.handler.loader.XMLLoader.load(XMLLoader.java:188)
>                at org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:97)
>                at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:68)
>                at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:177)
>                at org.apache.solr.core.SolrCore.execute(SolrCore.java:2503)
>                at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:710)
>                at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
>                at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:382)
>                at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:326)
>                at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751)
>                at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
>                at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>                at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>                at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>                at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
>                at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
>                at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>                at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
>                at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>                at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
>                at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
>                at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>                at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
>                at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>                at org.eclipse.jetty.server.Server.handle(Server.java:534)
>                at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
>                at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
>                at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
>                at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
>                at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
>                at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
>                at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
>                at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
>                at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
>                at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
>                at java.lang.Thread.run(Thread.java:748)
>  
> !image-2021-08-15-18-50-33-877.png!
> After restarting Server
> !image-2021-08-15-18-52-28-177.png!
> !image-2021-08-15-18-51-49-813.png!
> we need to know the root cause of the issue and if this is some kind of attacks  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org