Currently the status tool does not distinguish between Authentication/Authorization errors and other IO errors and just throws a generic Exception with the 401 HTML output from Jetty:
$ bin/solr status
Found 1 Solr nodes:
Solr process 4332 running on port 8983
ERROR: Failed to get system information from http://localhost:8983/solr due to: org.apache.http.client.ClientProtocolException: Expected JSON response from server but received: <html>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 401 require authentication</title>
<body><h2>HTTP ERROR 401</h2>
<p>Problem accessing /solr/admin/info/system. Reason:
<pre> require authentication</pre></p>
Typically, this indicates a problem with the Solr server; check the Solr server logs for more information.
Instead, the tool should exit with a clear message that authentication is required, and the status tool should throw a security related exception that tool consumers (such as assertTool) can detect. Due to this assert -u also fails when Solr is password protected.