You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Gus Heck (Jira)" <ji...@apache.org> on 2021/08/15 19:15:00 UTC
[jira] [Commented] (SOLR-15584) There is a kind of brute-force
trials to access Solr using a different PORT every few minutes
[ https://issues.apache.org/jira/browse/SOLR-15584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17399387#comment-17399387 ]
Gus Heck commented on SOLR-15584:
---------------------------------
Actually, I will say, ignoring your description and just looking at your stack trace it looks more like maybe you've put your index on a filesystem that requires a password.... but that's just a guess.
> There is a kind of brute-force trials to access Solr using a different PORT every few minutes
> ---------------------------------------------------------------------------------------------
>
> Key: SOLR-15584
> URL: https://issues.apache.org/jira/browse/SOLR-15584
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 7.2.1
> Environment: Solr 7.2.1
> Sitecore 9.1
> Azure
> Reporter: Mohamed Saad
> Priority: Critical
> Attachments: image-2021-08-15-18-50-33-877.png, image-2021-08-15-18-51-49-813.png, image-2021-08-15-18-52-28-177.png
>
>
> we are using Solr 7.2.1 with Sitecore 9.1 in the Azure app serves
> and we are notes in the log file error "
> java.io.IOException: The user name or password is incorrect "
> admin team restarted the Solr server and we noticed after restarting
> *alot of requests and each request is followed by number of trials and it ends-up by exception firing.*
> *There is a kind of brute-force trials to access a different PORT every few minutes) which all lead to failures*
>
>
> :java.io.IOException: The user name or password is incorrect
> at java.io.WinNTFileSystem.canonicalize0(Native Method)
> at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
> at java.io.File.getCanonicalPath(File.java:620)
> at org.apache.solr.core.StandardDirectoryFactory.normalize(StandardDirectoryFactory.java:83)
> at org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:334)
> at org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:351)
> at org.apache.solr.core.SolrCore.openNewSearcher(SolrCore.java:1977)
> at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:2215)
> at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:1952)
> at org.apache.solr.update.DirectUpdateHandler2.commit(DirectUpdateHandler2.java:715)
> at org.apache.solr.update.processor.RunUpdateProcessor.processCommit(RunUpdateProcessorFactory.java:93)
> at org.apache.solr.update.processor.UpdateRequestProcessor.processCommit(UpdateRequestProcessor.java:68)
> at org.apache.solr.update.processor.DistributedUpdateProcessor.doLocalCommit(DistributedUpdateProcessor.java:1882)
> at org.apache.solr.update.processor.DistributedUpdateProcessor.processCommit(DistributedUpdateProcessor.java:1858)
> at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processCommit(LogUpdateProcessorFactory.java:160)
> at org.apache.solr.handler.loader.XMLLoader.processUpdate(XMLLoader.java:281)
> at org.apache.solr.handler.loader.XMLLoader.load(XMLLoader.java:188)
> at org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:97)
> at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:68)
> at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:177)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2503)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:710)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:382)
> at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:326)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751)
> at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
> at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
> at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
> at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
> at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at org.eclipse.jetty.server.Server.handle(Server.java:534)
> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
> at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
> at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
> at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
> at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
> at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
> at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
> at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
> at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
> at java.lang.Thread.run(Thread.java:748)
>
> !image-2021-08-15-18-50-33-877.png!
> After restarting Server
> !image-2021-08-15-18-52-28-177.png!
> !image-2021-08-15-18-51-49-813.png!
> we need to know the root cause of the issue and if this is some kind of attacks
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org