Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] SolrJ/Solr: HTTP protocol violation: Authentication challenge without WWW-Authenticate header

If I understand correctly, the situation is that you are sending many requests, all with credentials encoded in the headers.
Occasionally a 401 response is received that does not have the WWW-Authenticate header.

This would need for the request to have failed authentication (when many requests with same credentials had passed) and for the resulting 401 response to have been incorrectly generated by jetty.   It seems very unlikely that the one request that has a problem with auth, also tickles some issue to make a bad challenge.  More likely something unrelated to authentication is emitting a spurious 401 response?

Can you capture the full headers of the bad 401?










On Wed, 31 May 2023 at 05:52, Shawn Heisey <eclipse@xxxxxxxxxxxx> wrote:
On 5/30/23 18:48, Shawn Heisey wrote:
> I am trying one more thing ... setting the client to use http/1.1. I
> remember we had some issues with Solr where http2 wasn't working right,
> and I think the final fix for that was upgrading Jetty.

This did not help.  It still randomly (though not very frequently)
throws that exception about authentication.

I do think I was on the right track, just not looking in exactly the
right place.

I set an option when building the Solr client for indexing that SHOULD
have forced all updates to be routed to shard leaders.

Turns out that option doesn't actually do anything.  Which I think is a bug.

So sometimes updates went to a replica that wasn't leader.  And when
that happens, Solr forwards the request to the right index.  That
forwarding is done using HTTP/2, and we have seen evidence that HTTP/2
on Solr sometimes has weird issues.

There is a different and very similarly named option that DOES force the
client to send to leaders only.

So I am using http/1.1 in conjunction with that correct option.  Bonus
... the indexing is happening faster than before, because Solr doesn't
ever need to forward requests to another server.  I should find out in
the next hour or so whether it actually helped.

I do think that if I can get them to upgrade Solr so it's using Jetty
10, the problem will evaporate.

Thanks,
Shawn
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users


--
Greg Wilkins <gregw@xxxxxxxxxxx> CTO http://webtide.com

Back to the top