[
https://issues.apache.org/jira/browse/SOLR-12354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16498262#comment-16498262
]
Varun Thacker commented on SOLR-12354:
--------------------------------------
Hi Noble,
In SolrDispatchFilter we create a CoreContainer object and then call the load
method
{code:java}
protected CoreContainer createCoreContainer(Path solrHome, Properties
extraProperties) {
NodeConfig nodeConfig = loadNodeConfig(solrHome, extraProperties);
final CoreContainer coreContainer = new CoreContainer(nodeConfig,
extraProperties, true);
coreContainer.load();
return coreContainer;
}{code}
In CoreContainer#load we create the ZooKeeper container object and register
this node as a live node under /live_nodes
So by moving the public key initialization from CoreContrainer#load to the
constructor we ensure that the handler is available before a node is registered
as a live node
There will always be a race between when the solr port get's initialized and
the CoreContainer object get's created. We expect all clients to only issue a
request to a node if it's registered under /live_nodes
Is my understanding of the issue correct here?
If it is then can we simply move the handler initialization before this
statement in CoreContainer#load . It should have the same effect right?
{code:java}
zkSys.initZooKeeper(this, solrHome, cfg.getCloudConfig());{code}
On a side note CoreContainer has unused imports which would break precommit
> org.apache.solr.security.PKIAuthenticationPlugin does not check response code
> when retrieving remotePublicKey
> -------------------------------------------------------------------------------------------------------------
>
> Key: SOLR-12354
> URL: https://issues.apache.org/jira/browse/SOLR-12354
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 6.6.2, 6.6.3
> Reporter: hamada
> Assignee: Noble Paul
> Priority: Major
> Attachments: SOLR-12354.patch
>
>
> in decipherHeader(), if keyCache does not contain the key of interest, then a
> remote call is made to retrieve the key from the remote host, by calling
> getRemotePublicKey, which fails if the server returns an html error page.
> e.g.:
> org.noggit.JSONParser$ParseException: JSON Parse Error: char=<,position=0
> BEFORE='<' AFTER='html> <head> <meta http-equiv="Content-' at
> org.noggit.JSONParser.err(JSONParser.java:356) ~[noggit-0.6.jar:?] at
> org.noggit.JSONParser.handleNonDoubleQuoteString(JSONParser.java:712)
> ~[noggit-0.6.jar:?] at org.noggit.JSONParser.next(JSONParser.java:886)
> ~[noggit-0.6.jar:?] at org.noggit.JSONParser.nextEvent(JSONParser.java:930)
> ~[noggit-0.6.jar:?] at org.noggit.ObjectBuilder.<init>(ObjectBuilder.java:44)
> ~[noggit-0.6.jar:?] at org.noggit.ObjectBuilder.getVal(ObjectBuilder.java:37)
> ~[noggit-0.6.jar:?]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
