GroupService throws Not a valid protocol version


Can you please help me by letting me know what this error means?
Is it expecting a specific Content-Type in the reply?
Did I not specify an appropriate response_group_json_path?
In short what does this message mean and what is the GroupService expecting in the response?
Thanks in advance :slight_smile:

(Simone Scarduzio) #2

Please make sure you include the stack trace and ROR version (even if you told your version in another post, every post has to be given all the context for future readers) when reporting about an exception.


Using the Elasticsearch Version 1.16.21
Log has:
[2018-07-12T12:06:07,126][INFO ][t.b.r.h.ApacheHttpCoreClient] HTTP client failed to connect: [ … ] GET reason: Not a valid protocol version: { “mylist” : { “groups” : [ { “groups” : “group1” , “users” : “user1” } ] }}

java.util.concurrent.CompletionException: org.apache.http.ProtocolException: Not a valid protocol version: { “mylist” : { “groups” : [ { “groups” : “group1” , “users” : “user1” } ] }}
at java.util.concurrent.CompletableFuture.encodeThrowable( ~[?:1.8.0_162]

(Simone Scarduzio) #4

I need all the stack trace please! Why did you cut it?


I can’t cut because the machine it is running on is on an internal network

(Simone Scarduzio) #6

screenshot with phone?


So I got passed the issue with the protocol error and it appears that is it finally running but it is not finding what it is looking for.

Let me keep working on this for a bit before I bug you with any more questions.
The current error says: group_provider_authorization rule matching got an error org.apache.http.ConnectionClosedException.

I have to go so I will check back later is you’ve seen this and have any ideas.
Thanks for all your help thus far. :slightly_smiling_face:


So all my errors are gone now and from all appearances it looks like it is getting everything it needs including a properly formatted JSON response.
Where I am at is I am getting group_provider_authorization->false
I expect is has to do with the response_groups_json_path value i set there.
The json reply I am sending is :
{ “mylist” ; [ { “groups” : “mygroups”, “users” : “myuser” } ] }
with response_groups_json_path: "$.mylist.[?(].name
Is my response_groups_json_path set correctly to find the groups the user is authorized?
Can someone help with how this works?
I am not getting any java traces anymore just FORBIDDEN with reason = group_provider_authorization->false

Thanks in advance for your help


I went to the Jayway site and verified that what I am replying with and the response_groups_json_path I am using works returning just the list of groups I want.
The response I send ROR GroupsService is :
{ “mylist” : { “mygrouplist” : [ { “groups” : “ugroup1”, “users” : “user1” },{ “groups” : “ugroup2”, “users” : “user2” } ] }

and response_groups_json_path: “$[‘mylist’][‘mygrouplist’][*][‘groups’]”
Note: I also tried this using the dot notation both yield the same result

result continues to be: group_provider_authorization->false

Is there any way to tell what the ROR GroupsService is actually doing …receiving?

(Simone Scarduzio) #10

The answer is yes. There will be log lines for exactly what you want to know if you enable debug logs (edit

 try {
          List<String> groups =, responseGroupsJsonPath);
          logger.debug("Groups returned by groups provider '" + name + "': " + Joiner.on(",").join(groups));
          return Sets.newHashSet(groups);
        } catch (Exception e) {
          logger.error("Group based authorization response exception", e);
          return Sets.newHashSet();