[
https://issues.apache.org/jira/browse/SOLR-15584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gus Heck resolved SOLR-15584.
-----------------------------
Resolution: Invalid
I'm sorry you are having difficulties, but this is not the place to find a
solution to this type of problem. This is the Apache Software Foundation's Bug
reporting site, and tickets here are only valid if they report a bug with
software that we produce, typically with steps to reproduce and often with
suggestions or code to fix the problem.
You appear to be using sitecore which is a product that leverages Apache Solr,
but we know nothing of it or how to help you with sitecore. Furthermore the
problem you describe sounds very much like it is neither a deficiency in
Sitecore nor in Solr but rather a problem either with an intruder on your
network, or having exposed the Sitecore product to the open internet.
The best thing for you is probably to contact your network administrators, in
your organization. (hopefully that's not you :) )
> There is a kind of brute-force trials to access Solr using a different PORT
> every few minutes
> ---------------------------------------------------------------------------------------------
>
> Key: SOLR-15584
> URL: https://issues.apache.org/jira/browse/SOLR-15584
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 7.2.1
> Environment: Solr 7.2.1
> Sitecore 9.1
> Azure
> Reporter: Mohamed Saad
> Priority: Critical
> Attachments: image-2021-08-15-18-50-33-877.png,
> image-2021-08-15-18-51-49-813.png, image-2021-08-15-18-52-28-177.png
>
>
> we are using Solr 7.2.1 with Sitecore 9.1 in the Azure app serves
> and we are notes in the log file error "
> java.io.IOException: The user name or password is incorrect "
> admin team restarted the Solr server and we noticed after restarting
> *alot of requests and each request is followed by number of trials and it
> ends-up by exception firing.*
> *There is a kind of brute-force trials to access a different PORT every few
> minutes) which all lead to failures*
>
>
> :java.io.IOException: The user name or password is incorrect
> at java.io.WinNTFileSystem.canonicalize0(Native Method)
> at
> java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
> at java.io.File.getCanonicalPath(File.java:620)
> at
> org.apache.solr.core.StandardDirectoryFactory.normalize(StandardDirectoryFactory.java:83)
> at
> org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:334)
> at
> org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:351)
> at
> org.apache.solr.core.SolrCore.openNewSearcher(SolrCore.java:1977)
> at
> org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:2215)
> at
> org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:1952)
> at
> org.apache.solr.update.DirectUpdateHandler2.commit(DirectUpdateHandler2.java:715)
> at
> org.apache.solr.update.processor.RunUpdateProcessor.processCommit(RunUpdateProcessorFactory.java:93)
> at
> org.apache.solr.update.processor.UpdateRequestProcessor.processCommit(UpdateRequestProcessor.java:68)
> at
> org.apache.solr.update.processor.DistributedUpdateProcessor.doLocalCommit(DistributedUpdateProcessor.java:1882)
> at
> org.apache.solr.update.processor.DistributedUpdateProcessor.processCommit(DistributedUpdateProcessor.java:1858)
> at
> org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processCommit(LogUpdateProcessorFactory.java:160)
> at
> org.apache.solr.handler.loader.XMLLoader.processUpdate(XMLLoader.java:281)
> at
> org.apache.solr.handler.loader.XMLLoader.load(XMLLoader.java:188)
> at
> org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:97)
> at
> org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:68)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:177)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2503)
> at
> org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:710)
> at
> org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:382)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:326)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at
> org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at org.eclipse.jetty.server.Server.handle(Server.java:534)
> at
> org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
> at
> org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
> at
> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
> at java.lang.Thread.run(Thread.java:748)
>
> !image-2021-08-15-18-50-33-877.png!
> After restarting Server
> !image-2021-08-15-18-52-28-177.png!
> !image-2021-08-15-18-51-49-813.png!
> we need to know the root cause of the issue and if this is some kind of
> attacks
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
