[
https://issues.apache.org/jira/browse/RANGER-5643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj updated RANGER-5643:
-------------------------------------
Description:
Ranger audit dispatcher for Solr fails in sending audit logs to Solr due to
following authentication error. Kerberos setup in docker needs to be reviewed
and updated.
{noformat}
2026-06-13 15:51:45.545 WARN - NEGOTIATE authentication error: No valid
credentials provided (Mechanism level: No valid credentials provided (Mechanism
level: Server not found in Kerberos database (7) - LOOKING_UP_SERVER))
2026-06-13 15:51:45.551 WARN - failed to log audit event:
{"repoType":9,"repo":"dev_kafka","reqUser":"kafka","evtTime":"2026-06-13
15:37:59.293","access":"cluster_action","resource":"kafka-cluster","resType":"cluster","action":"cluster_action","result":1,"agent":"kafka","policy":-1,"enforcer":"ranger-acl","cliIP":"172.18.0.13","reqData":"kafka-cluster","agentHost":"ranger-kafka.rangernw","logType":"RangerAudit","id":"af6b2bd4-8e93-4ec0-a856-4bd2d893d58d-3","seq_num":11,"event_count":2,"event_dur_ms":1}
org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error
from server at http://ranger-solr:8983/solr/ranger_audits: Expected mime type
application/octet-stream but got text/html. <html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 401 Unauthorized access</title>
</head>
<body><h2>HTTP ERROR 401 Unauthorized access</h2>
<table>
<tr><th>URI:</th><td>/solr/ranger_audits/update</td></tr>
<tr><th>STATUS:</th><td>401</td></tr>
<tr><th>MESSAGE:</th><td>Unauthorized access</td></tr>
<tr><th>SERVLET:</th><td>default</td></tr>
</table>
</body>
</html>
at
org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:635)
at
org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:266)
at
org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:248)
at
org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:606)
at
org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:582)
at
org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:225)
at org.apache.solr.client.solrj.SolrClient.add(SolrClient.java:106)
at org.apache.solr.client.solrj.SolrClient.add(SolrClient.java:71)
at org.apache.solr.client.solrj.SolrClient.add(SolrClient.java:85)
at
org.apache.ranger.audit.destination.SolrAuditDestination.lambda$addDocsToSolr$2(SolrAuditDestination.java:486)
at
java.base/java.security.AccessController.doPrivileged(AccessController.java:712)
at java.base/javax.security.auth.Subject.doAs(Subject.java:439)
at
org.apache.ranger.audit.utils.AbstractKerberosUser.doAs(AbstractKerberosUser.java:151)
at
org.apache.ranger.audit.utils.KerberosAction.execute(KerberosAction.java:71)
at
org.apache.ranger.audit.destination.SolrAuditDestination.addDocsToSolr(SolrAuditDestination.java:492)
at
org.apache.ranger.audit.destination.SolrAuditDestination.log(SolrAuditDestination.java:170)
at
org.apache.ranger.audit.provider.BaseAuditHandler.logJSON(BaseAuditHandler.java:137)
at
org.apache.ranger.audit.dispatcher.kafka.AuditSolrDispatcher.processMessageBatch(AuditSolrDispatcher.java:112)
at
org.apache.ranger.audit.dispatcher.kafka.AuditSolrDispatcher$SolrDispatcherWorker.processRecordBatch(AuditSolrDispatcher.java:146)
at
org.apache.ranger.audit.dispatcher.kafka.AuditDispatcherBase$DispatcherWorker.run(AuditDispatcherBase.java:268)
at
java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:840)
{noformat}
Following WARN log is seen in ranger-solr container:
{noformat}
2026-06-13 15:51:44.876 WARN (qtp746115872-25) [c: s: r: x: t:null-287]
o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
access
2026-06-13 15:51:44.880 WARN (qtp746115872-75) [c: s: r: x: t:null-288]
o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
access
2026-06-13 15:51:45.542 WARN (qtp746115872-25) [c: s: r: x: t:null-289]
o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
access
2026-06-13 15:51:45.546 WARN (qtp746115872-75) [c: s: r: x: t:null-290]
o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
access
{noformat}
was:
Ranger audit dispatcher for Solr fails in sending audit logs to Solr due to
following authentication error. Kerberos setup in docker needs to be reviewed
and updated.
{noformat}
2026-06-13 15:43:14.545 WARN - NEGOTIATE authentication error: No valid
credentials provided (Mechanism level: No valid credentials provided (Mechanism
level: Server not found in Kerberos database (7) - LOOKING_UP_SERVER))
2026-06-13 15:43:14.547 ERROR - Error processing batch in worker
'solr-worker-4', batch size: 10
java.lang.Exception: Failure in sending audits into Solr
at
org.apache.ranger.audit.dispatcher.kafka.AuditSolrDispatcher.processMessageBatch(AuditSolrDispatcher.java:115)
at
org.apache.ranger.audit.dispatcher.kafka.AuditSolrDispatcher$SolrDispatcherWorker.processRecordBatch(AuditSolrDispatcher.java:146)
at
org.apache.ranger.audit.dispatcher.kafka.AuditDispatcherBase$DispatcherWorker.run(AuditDispatcherBase.java:268)
at
java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:840)
{noformat}
Following WARN log is seen in ranger-solr container:
{noformat}
2026-06-13 15:43:14.542 WARN (qtp746115872-19) [c: s: r: x: t:null-97]
o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
access
2026-06-13 15:43:14.546 WARN (qtp746115872-20) [c: s: r: x: t:null-98]
o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
access
{noformat}
> docker setup: ranger-audit-displatcher-solr fails in sending audit logs to
> Solr
> -------------------------------------------------------------------------------
>
> Key: RANGER-5643
> URL: https://issues.apache.org/jira/browse/RANGER-5643
> Project: Ranger
> Issue Type: Bug
> Components: audit
> Affects Versions: 3.0.0
> Reporter: Madhan Neethiraj
> Priority: Major
>
> Ranger audit dispatcher for Solr fails in sending audit logs to Solr due to
> following authentication error. Kerberos setup in docker needs to be reviewed
> and updated.
> {noformat}
> 2026-06-13 15:51:45.545 WARN - NEGOTIATE authentication error: No valid
> credentials provided (Mechanism level: No valid credentials provided
> (Mechanism level: Server not found in Kerberos database (7) -
> LOOKING_UP_SERVER))
> 2026-06-13 15:51:45.551 WARN - failed to log audit event:
> {"repoType":9,"repo":"dev_kafka","reqUser":"kafka","evtTime":"2026-06-13
> 15:37:59.293","access":"cluster_action","resource":"kafka-cluster","resType":"cluster","action":"cluster_action","result":1,"agent":"kafka","policy":-1,"enforcer":"ranger-acl","cliIP":"172.18.0.13","reqData":"kafka-cluster","agentHost":"ranger-kafka.rangernw","logType":"RangerAudit","id":"af6b2bd4-8e93-4ec0-a856-4bd2d893d58d-3","seq_num":11,"event_count":2,"event_dur_ms":1}
> org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error
> from server at http://ranger-solr:8983/solr/ranger_audits: Expected mime type
> application/octet-stream but got text/html. <html>
> <head>
> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
> <title>Error 401 Unauthorized access</title>
> </head>
> <body><h2>HTTP ERROR 401 Unauthorized access</h2>
> <table>
> <tr><th>URI:</th><td>/solr/ranger_audits/update</td></tr>
> <tr><th>STATUS:</th><td>401</td></tr>
> <tr><th>MESSAGE:</th><td>Unauthorized access</td></tr>
> <tr><th>SERVLET:</th><td>default</td></tr>
> </table>
> </body>
> </html>
> at
> org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:635)
> at
> org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:266)
> at
> org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:248)
> at
> org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:606)
> at
> org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:582)
> at
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:225)
> at org.apache.solr.client.solrj.SolrClient.add(SolrClient.java:106)
> at org.apache.solr.client.solrj.SolrClient.add(SolrClient.java:71)
> at org.apache.solr.client.solrj.SolrClient.add(SolrClient.java:85)
> at
> org.apache.ranger.audit.destination.SolrAuditDestination.lambda$addDocsToSolr$2(SolrAuditDestination.java:486)
> at
> java.base/java.security.AccessController.doPrivileged(AccessController.java:712)
> at java.base/javax.security.auth.Subject.doAs(Subject.java:439)
> at
> org.apache.ranger.audit.utils.AbstractKerberosUser.doAs(AbstractKerberosUser.java:151)
> at
> org.apache.ranger.audit.utils.KerberosAction.execute(KerberosAction.java:71)
> at
> org.apache.ranger.audit.destination.SolrAuditDestination.addDocsToSolr(SolrAuditDestination.java:492)
> at
> org.apache.ranger.audit.destination.SolrAuditDestination.log(SolrAuditDestination.java:170)
> at
> org.apache.ranger.audit.provider.BaseAuditHandler.logJSON(BaseAuditHandler.java:137)
> at
> org.apache.ranger.audit.dispatcher.kafka.AuditSolrDispatcher.processMessageBatch(AuditSolrDispatcher.java:112)
> at
> org.apache.ranger.audit.dispatcher.kafka.AuditSolrDispatcher$SolrDispatcherWorker.processRecordBatch(AuditSolrDispatcher.java:146)
> at
> org.apache.ranger.audit.dispatcher.kafka.AuditDispatcherBase$DispatcherWorker.run(AuditDispatcherBase.java:268)
> at
> java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
> at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
> at java.base/java.lang.Thread.run(Thread.java:840)
> {noformat}
> Following WARN log is seen in ranger-solr container:
> {noformat}
> 2026-06-13 15:51:44.876 WARN (qtp746115872-25) [c: s: r: x: t:null-287]
> o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
> access
> 2026-06-13 15:51:44.880 WARN (qtp746115872-75) [c: s: r: x: t:null-288]
> o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
> access
> 2026-06-13 15:51:45.542 WARN (qtp746115872-25) [c: s: r: x: t:null-289]
> o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
> access
> 2026-06-13 15:51:45.546 WARN (qtp746115872-75) [c: s: r: x: t:null-290]
> o.a.h.s.a.s.AuthenticationFilter AuthenticationToken ignored: Unauthorized
> access
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
