github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-23 01:51:58 -05:00
Code Issues 2.4k Packages Projects Releases 129 Wiki Activity

[GH-ISSUE #13701] issue: LDAP authentication fails with "list index out of range" #32533

New Issue
Closed
opened 2026-04-25 06:27:49 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-25 06:27:49 -05:00
Owner
Copy Link

Originally created by @AdrianDeWinter on GitHub (May 8, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/13701

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.7

Ollama Version (if applicable)

No response

Operating System

Official docker image on Alpine Linux

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have listed steps to reproduce the bug in detail.

Expected Behavior

When the LDAP_APP_DN user can not be found (for instance due to an incorrect LDAP_SEARCH_BASE), I would expect to receive an error stating as much.

Actual Behavior

When the LDAP_APP_DN can't be found, users attempting to login receive a "LDAP authentication failed" message and the logs show
| ERROR | open_webui.routers.auths:ldap_auth:348 - LDAP authentication error: list index out of range - {}

Steps to Reproduce

  1. Configure and incorrect but existing LDAP_SEARCH_BASE
  2. Attempt to log in via LDAP
  3. Observe uncaught index errors in the log

Logs & Screenshots

Loading WEBUI_SECRET_KEY from file, not provided as an environment variable.
Generating WEBUI_SECRET_KEY
Loading WEBUI_SECRET_KEY from .webui_secret_key
/app/backend/open_webui
/app/backend
/app
INFO [alembic.runtime.migration] Context impl SQLiteImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
WARNI [open_webui.env]

WARNING: CORS_ALLOW_ORIGIN IS SET TO '*' - NOT RECOMMENDED FOR PRODUCTION DEPLOYMENTS.

INFO [open_webui.env] Embedding model set: sentence-transformers/all-MiniLM-L6-v2
WARNI [langchain_community.utils.user_agent] USER_AGENT environment variable not set, consider setting it to identify your requests.

██████╗ ██████╗ ███████╗███╗ ██╗ ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗
██╔═══██╗██╔══██╗██╔════╝████╗ ██║ ██║ ██║██╔════╝██╔══██╗██║ ██║██║
██║ ██║██████╔╝█████╗ ██╔██╗ ██║ ██║ █╗ ██║█████╗ ██████╔╝██║ ██║██║
██║ ██║██╔═══╝ ██╔══╝ ██║╚██╗██║ ██║███╗██║██╔══╝ ██╔══██╗██║ ██║██║
╚██████╔╝██║ ███████╗██║ ╚████║ ╚███╔███╔╝███████╗██████╔╝╚██████╔╝██║
╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═══╝ ╚══╝╚══╝ ╚══════╝╚═════╝ ╚═════╝ ╚═╝

v0.6.7 - building the best AI user interface.

https://github.com/open-webui/open-webui

Fetching 30 files: 100%|██████████| 30/30 [00:00<00:00, 53635.60it/s]
INFO: Started server process [1]
INFO: Waiting for application startup.
2025-05-08 15:03:58.685 | INFO | open_webui.utils.logger:start_logger:140 - GLOBAL_LOG_LEVEL: INFO - {}
2025-05-08 15:03:58.685 | INFO | open_webui.main:lifespan:459 - Installing external dependencies of functions and tools... - {}
2025-05-08 15:03:58.690 | INFO | open_webui.utils.plugin:install_frontmatter_requirements:185 - No requirements found in frontmatter. - {}
2025-05-08 15:03:58.996 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET / HTTP/1.1" 200 - {}
2025-05-08 15:03:59.051 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/loader.js HTTP/1.1" 200 - {}
2025-05-08 15:03:59.068 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash.png HTTP/1.1" 200 - {}
2025-05-08 15:03:59.205 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET / HTTP/1.1" 304 - {}
2025-05-08 15:03:59.206 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /_app/version.json HTTP/1.1" 200 - {}
2025-05-08 15:03:59.321 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/loader.js HTTP/1.1" 304 - {}
2025-05-08 15:03:59.322 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash.png HTTP/1.1" 304 - {}
2025-05-08 15:03:59.674 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /api/config HTTP/1.1" 200 - {}
2025-05-08 15:03:59.685 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash-dark.png HTTP/1.1" 200 - {}
2025-05-08 15:03:59.728 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /api/v1/auths/ HTTP/1.1" 401 - {}
2025-05-08 15:03:59.862 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash.png HTTP/1.1" 304 - {}
2025-05-08 15:03:59.864 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/favicon-dark.png HTTP/1.1" 200 - {}
2025-05-08 15:03:59.937 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/favicon-dark.png HTTP/1.1" 304 - {}
2025-05-08 15:04:01.931 | ERROR | open_webui.routers.auths:ldap_auth:348 - LDAP authentication error: list index out of range - {}

Additional Information

The check for search_success in line 237 is apparently insufficient:

a3bb7df610/backend/open_webui/routers/auths.py (L237-L238)

Originally created by @AdrianDeWinter on GitHub (May 8, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/13701 ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.7 ### Ollama Version (if applicable) _No response_ ### Operating System Official docker image on Alpine Linux ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have listed steps to reproduce the bug in detail. ### Expected Behavior When the LDAP_APP_DN user can not be found (for instance due to an incorrect LDAP_SEARCH_BASE), I would expect to receive an error stating as much. ### Actual Behavior When the LDAP_APP_DN can't be found, users attempting to login receive a "LDAP authentication failed" message and the logs show `| ERROR | open_webui.routers.auths:ldap_auth:348 - LDAP authentication error: list index out of range - {}` ### Steps to Reproduce 1. Configure and incorrect but existing LDAP_SEARCH_BASE 2. Attempt to log in via LDAP 3. Observe uncaught index errors in the log ### Logs & Screenshots Loading WEBUI_SECRET_KEY from file, not provided as an environment variable. Generating WEBUI_SECRET_KEY Loading WEBUI_SECRET_KEY from .webui_secret_key /app/backend/open_webui /app/backend /app INFO [alembic.runtime.migration] Context impl SQLiteImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. WARNI [open_webui.env] WARNING: CORS_ALLOW_ORIGIN IS SET TO '*' - NOT RECOMMENDED FOR PRODUCTION DEPLOYMENTS. INFO [open_webui.env] Embedding model set: sentence-transformers/all-MiniLM-L6-v2 WARNI [langchain_community.utils.user_agent] USER_AGENT environment variable not set, consider setting it to identify your requests. ██████╗ ██████╗ ███████╗███╗ ██╗ ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗ ██╔═══██╗██╔══██╗██╔════╝████╗ ██║ ██║ ██║██╔════╝██╔══██╗██║ ██║██║ ██║ ██║██████╔╝█████╗ ██╔██╗ ██║ ██║ █╗ ██║█████╗ ██████╔╝██║ ██║██║ ██║ ██║██╔═══╝ ██╔══╝ ██║╚██╗██║ ██║███╗██║██╔══╝ ██╔══██╗██║ ██║██║ ╚██████╔╝██║ ███████╗██║ ╚████║ ╚███╔███╔╝███████╗██████╔╝╚██████╔╝██║ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═══╝ ╚══╝╚══╝ ╚══════╝╚═════╝ ╚═════╝ ╚═╝ v0.6.7 - building the best AI user interface. https://github.com/open-webui/open-webui Fetching 30 files: 100%|██████████| 30/30 [00:00<00:00, 53635.60it/s] INFO: Started server process [1] INFO: Waiting for application startup. 2025-05-08 15:03:58.685 | INFO | open_webui.utils.logger:start_logger:140 - GLOBAL_LOG_LEVEL: INFO - {} 2025-05-08 15:03:58.685 | INFO | open_webui.main:lifespan:459 - Installing external dependencies of functions and tools... - {} 2025-05-08 15:03:58.690 | INFO | open_webui.utils.plugin:install_frontmatter_requirements:185 - No requirements found in frontmatter. - {} 2025-05-08 15:03:58.996 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET / HTTP/1.1" 200 - {} 2025-05-08 15:03:59.051 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/loader.js HTTP/1.1" 200 - {} 2025-05-08 15:03:59.068 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash.png HTTP/1.1" 200 - {} 2025-05-08 15:03:59.205 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET / HTTP/1.1" 304 - {} 2025-05-08 15:03:59.206 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /_app/version.json HTTP/1.1" 200 - {} 2025-05-08 15:03:59.321 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/loader.js HTTP/1.1" 304 - {} 2025-05-08 15:03:59.322 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash.png HTTP/1.1" 304 - {} 2025-05-08 15:03:59.674 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /api/config HTTP/1.1" 200 - {} 2025-05-08 15:03:59.685 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash-dark.png HTTP/1.1" 200 - {} 2025-05-08 15:03:59.728 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /api/v1/auths/ HTTP/1.1" 401 - {} 2025-05-08 15:03:59.862 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/splash.png HTTP/1.1" 304 - {} 2025-05-08 15:03:59.864 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/favicon-dark.png HTTP/1.1" 200 - {} 2025-05-08 15:03:59.937 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 10.10.80.12:0 - "GET /static/favicon-dark.png HTTP/1.1" 304 - {} 2025-05-08 15:04:01.931 | ERROR | open_webui.routers.auths:ldap_auth:348 - LDAP authentication error: list index out of range - {} ### Additional Information The check for search_success in line 237 is apparently insufficient: https://github.com/open-webui/open-webui/blob/a3bb7df61058e690a76cebb7681bd5390e77d226/backend/open_webui/routers/auths.py#L237-L238
GiteaMirror added the bug label 2026-04-25 06:27:49 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#32533
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?