github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-21 17:13:00 -05:00
Code Issues 2.4k Packages Projects Releases 129 Wiki Activity

issue: SSO authentication requests request loops #6758

New Issue
Closed
opened 2025-11-11 17:05:14 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-11 17:05:14 -06:00
Owner
Copy Link

Originally created by @mohammeddanishrabbani on GitHub (Oct 24, 2025).

Check Existing Issues

  • I have searched for any existing and/or related issues.
  • I have searched for any existing and/or related discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.33

Ollama Version (if applicable)

No response

Operating System

Ubuntu 22.04

Browser (if applicable)

Microsoft edge

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

Redirect to homepage and start new session

Actual Behavior

starts a authetication loop to the idP

Steps to Reproduce

I have seen tremendoes number of authentication request to the idP. I are using shibboleth for SSO authentication.

There is one case where I could reproduce is when session id is lost after keeping the connection stale for about one hour.

Steps:
Enable SAML tracer extension on the browser
Open openwebUI
Perform a prompt
Leave the tab open for about an hour
Check saml tracer for the number of SAML request which keeps happening every 10 sec when the sid is lost

initially polling happens like this with sid
https://xxx.xxxx.com/ws/socket.io/?EIO=4&transport=polling&t=xxxx&sid=xxxxx

Later sid is lost and polling happens using this and it gets into a authentication loop.
https://xxx.xxxx.com/ws/socket.io/?EIO=4&transport=polling&t=xxxx

Logs & Screenshots

..

Additional Information

No response

Originally created by @mohammeddanishrabbani on GitHub (Oct 24, 2025). ### Check Existing Issues - [x] I have searched for any existing and/or related issues. - [x] I have searched for any existing and/or related discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.33 ### Ollama Version (if applicable) _No response_ ### Operating System Ubuntu 22.04 ### Browser (if applicable) Microsoft edge ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior Redirect to homepage and start new session ### Actual Behavior starts a authetication loop to the idP ### Steps to Reproduce I have seen tremendoes number of authentication request to the idP. I are using shibboleth for SSO authentication. There is one case where I could reproduce is when session id is lost after keeping the connection stale for about one hour. Steps: Enable SAML tracer extension on the browser Open openwebUI Perform a prompt Leave the tab open for about an hour Check saml tracer for the number of SAML request which keeps happening every 10 sec when the sid is lost initially polling happens like this with sid https://xxx.xxxx.com/ws/socket.io/?EIO=4&transport=polling&t=xxxx&sid=xxxxx Later sid is lost and polling happens using this and it gets into a authentication loop. https://xxx.xxxx.com/ws/socket.io/?EIO=4&transport=polling&t=xxxx ### Logs & Screenshots .. ### Additional Information _No response_
GiteaMirror added the bug label 2025-11-11 17:05:14 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#6758
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?