SearchStax Help Center


401 Error

A SearchStax Managed Search service “401 Error” means that something made an unauthorized request of the Solr cluster. This usually indicates a problem with Solr Basic Auth or with the authorization header of the HTTP request, but sometimes it is a symptom of a larger problem.

The following issues can produce a 401 Error:

  • If the issue arises during the initial phases of development, check your Basic Auth configuration.
  • A more subtle problem can arise when you include Basic Auth credentials in the URL of a deployment, such as:

    https://username:pass%word@<Solr Endpoint>;solrCloud=true

    If the password contains special characters (such as % signs), you will get a 401 error saying “Not a valid Solr URL.” You may need to use HTML Percent Encoding to pass special characters through the URL. For instance, substitute %25 for % in the URL string, so the above password becomes “pass%25word”. Or… simplify the password.
  • Attempts to issue /select or /update requests from a PowerShell script can generate 401 Errors when trying to pass Solr Basic Auth credentials. See Basic Auth Credentials in PowerShell.
  • There was a problem in Sitecore that sometimes produced 401 Errors in the load-balancer log files. Otherwise identical requests from Sitecore would succeed (200) or sometimes fail (401) because Sitecore didn’t always include the authorization header in the request. If you see this pattern in the load balancer log files, please contact Sitecore for assistance.
  • There is a known problem with Solr 8.1.1 in which internode update requests between shards generate 401 errors visible in solr.log. One of the tell-tale signs of this bug is that the 401 error is intermittent and is usually buried in an avalanche of successful update requests. The problem was fixed in Solr 8.2.0. See SOLR-13510 Intermittent 401’s for internode requests with basicauth enabled – ASF JIRA (apache.org). Let us know if you need help to upgrade to 8.2.
  • Sometimes a client will flood Solr with single-document index-update requests (twenty per second in one case). Solr can throw 401 errors as it gets behind. The solution is to batch the requests.
  • The 401 error can sometimes include the following message: “Expired key request timestamp.” One replica could not be updated because that server’s clock was out of sync with the rest of the cluster. Restarting the server removed the problem.

Questions?

Do not hesitate to contact the SearchStax Support Desk.


Return to Frequently Asked Questions.