[BUG] Error message 'LDAP enabled with user provisioning: LDAP_SEARCH_DN should be set' starting from version 2.4.17 #731

Open
onavas33 opened this issue Feb 27, 2025 · 0 comments
Labels
bug Something isn't working

@onavas33

Hello

Describe the bug
Upgrading iris-web to version 2.4.17 or above results in the app container failing to start with the error message 'LDAP enabled with user provisioning: LDAP_SEARCH_DN should be set'.

To Reproduce

  1. With LDAP authentication configured in the .env file (only the lines relevant for authentication are reproduced below):

```
# -- AUTH
# requests the just-in-time creation of users with ldap authentification (see https://github.com/dfir-iris/iris-web/issues/203)
#IRIS_AUTHENTICATION_CREATE_USER_IF_NOT_EXIST=True
# -- FOR LDAP AUTHENTICATION
IRIS_AUTHENTICATION_TYPE=ldap
LDAP_SERVER=[redacted]
LDAP_AUTHENTICATION_TYPE=SIMPLE
LDAP_PORT=636
LDAP_USER_PREFIX=[redacted]
LDAP_USER_SUFFIX=
LDAP_VALIDATE_CERTIFICATE=True
LDAP_TLS_VERSION=1.2
LDAP_CUSTOM_TLS_CONFIG=False
LDAP_CA_CERTIFICATE=[redacted]
LDAP_SERVER_CERTIFICATE=[redacted]
```

  2. `docker compose up -d`
  3. `docker compose logs app` produces the following log messages:
```
iriswebapp_app  | Running iriswebapp ...
iriswebapp_app  | [2025-02-27 12:55:21 +0000] [7] [INFO] Starting gunicorn 20.1.0
iriswebapp_app  | [2025-02-27 12:55:21 +0000] [7] [INFO] Listening at: http://0.0.0.0:8000 (7)
iriswebapp_app  | [2025-02-27 12:55:21 +0000] [7] [INFO] Using worker: eventlet
iriswebapp_app  | [2025-02-27 12:55:21 +0000] [11] [INFO] Booting worker with pid: 11
iriswebapp_app  | [2025-02-27 12:55:23 +0000] [11] [ERROR] Exception in worker process
iriswebapp_app  | Traceback (most recent call last):
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/arbiter.py", line 589, in spawn_worker
iriswebapp_app  |     worker.init_process()
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/workers/geventlet.py", line 134, in init_process
iriswebapp_app  |     super().init_process()
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/workers/base.py", line 134, in init_process
iriswebapp_app  |     self.load_wsgi()
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/workers/base.py", line 146, in load_wsgi
iriswebapp_app  |     self.wsgi = self.app.wsgi()
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/app/base.py", line 67, in wsgi
iriswebapp_app  |     self.callable = self.load()
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/app/wsgiapp.py", line 58, in load
iriswebapp_app  |     return self.load_wsgiapp()
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/app/wsgiapp.py", line 48, in load_wsgiapp
iriswebapp_app  |     return util.import_app(self.app_uri)
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/gunicorn/util.py", line 359, in import_app
iriswebapp_app  |     mod = importlib.import_module(module)
iriswebapp_app  |   File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in import_module
iriswebapp_app  |     return _bootstrap._gcd_import(name[level:], package, level)
iriswebapp_app  |   File "<frozen importlib._bootstrap>", line 1030, in _gcd_import
iriswebapp_app  |   File "<frozen importlib._bootstrap>", line 1007, in _find_and_load
iriswebapp_app  |   File "<frozen importlib._bootstrap>", line 986, in _find_and_load_unlocked
iriswebapp_app  |   File "<frozen importlib._bootstrap>", line 680, in _load_unlocked
iriswebapp_app  |   File "<frozen importlib._bootstrap_external>", line 850, in exec_module
iriswebapp_app  |   File "<frozen importlib._bootstrap>", line 228, in _call_with_frames_removed
iriswebapp_app  |   File "/iriswebapp/app/__init__.py", line 97, in <module>
iriswebapp_app  |     app.config.from_object('app.configuration.Config')
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/flask/config.py", line 229, in from_object
iriswebapp_app  |     obj = import_string(obj)
iriswebapp_app  |   File "/opt/venv/lib/python3.9/site-packages/werkzeug/utils.py", line 595, in import_string
iriswebapp_app  |     __import__(import_name)
iriswebapp_app  |   File "/iriswebapp/app/configuration.py", line 265, in <module>
iriswebapp_app  |     class Config:
iriswebapp_app  |   File "/iriswebapp/app/configuration.py", line 416, in Config
iriswebapp_app  |     raise Exception('LDAP enabled with user provisioning: LDAP_SEARCH_DN should be set')
iriswebapp_app  | Exception: LDAP enabled with user provisioning: LDAP_SEARCH_DN should be set
iriswebapp_app  | [2025-02-27 12:55:23 +0000] [11] [INFO] Worker exiting (pid: 11)
iriswebapp_app  | [2025-02-27 12:55:24 +0000] [7] [INFO] Shutting down: Master
iriswebapp_app  | [2025-02-27 12:55:24 +0000] [7] [INFO] Reason: Worker failed to boot.
```

Expected behavior
With previous versions the app container works (tested with 2.4.11, 2.4.14, 2.4.15 and 2.4.16) and produces the following messages:

```
iriswebapp_app  | Running iriswebapp ...
iriswebapp_app  | [2025-02-27 12:51:41 +0000] [6] [INFO] Starting gunicorn 20.1.0
iriswebapp_app  | [2025-02-27 12:51:41 +0000] [6] [INFO] Listening at: http://0.0.0.0:8000 (6)
iriswebapp_app  | [2025-02-27 12:51:41 +0000] [6] [INFO] Using worker: eventlet
iriswebapp_app  | [2025-02-27 12:51:41 +0000] [10] [INFO] Booting worker with pid: 10
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: IRIS Server v2.4.16
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Min. API version supported: 2.0.4
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Max. API version supported: 2.0.5
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Min. module interface version supported: 1.1
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Max. module interface version supported: 1.2.0
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Session lifetime: 1 day, 0:00:00
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Authentication mechanism configured: ldap
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Authentication local fallback enabled
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: MFA disabled
iriswebapp_app  | 2025-02-27 12:51:43 :: INFO :: configuration :: Config :: Create user during authentication: disabled
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: run_post_init :: IRIS v2.4.16
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: run_post_init :: Running post initiation steps
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: create_directories :: Attempting to create data directories
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: create_directories :: Creating directory UPLOADED_PATH
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: create_directories :: Creating directory TEMPLATES_PATH
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: create_directories :: Creating directory BACKUP_PATH
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: create_directories :: Creating directory ASSET_STORE_PATH
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: create_directories :: Creating directory DATASTORE_PATH
iriswebapp_app  | 2025-02-27 12:51:47 :: INFO :: post_init :: run_post_init :: Attempting to connect to the database...
```

Additional context

I could identify that configuration.py was modified in version 2.4.17 in a way which could modify the behavior of iris-web regarding the configuration variable IRIS_AUTHENTICATION_CREATE_USER_IF_NOT_EXIST, and therefore the variable authentication_create_user_if_not_exists, whose value seems to be true when running line 415 with versions 2.4.17+ and false when running previous versions (visible with the message "Create user during authentication: disabled" in the logs).

But even if I explicitly define a value for IRIS_AUTHENTICATION_CREATE_USER_IF_NOT_EXIST in my .env file, the result is the same.

@onavas33 onavas33 added the bug Something isn't working label Feb 27, 2025
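
The report does not establish the cause. As an added illustration (not iris-web's `configuration.py`, and not written by the reporter), the sketch below shows one way this symptom can arise: an environment flag read as a raw string with a string fallback is truthy whether it is unset or set to `False`, so the `LDAP_SEARCH_DN` requirement always fires. The function names, the accepted boolean spellings and the `"False"` fallback are assumptions; the sample `.env` is constructed from the lines in the report.

```python
# Added illustration; helper names are hypothetical, not iris-web code.
TRUE_VALUES = {"1", "true", "yes", "on"}
FALSE_VALUES = {"0", "false", "no", "off", ""}
FLAG = "IRIS_AUTHENTICATION_CREATE_USER_IF_NOT_EXIST"

# Constructed sample mirroring the .env excerpt in the report.
SAMPLE_ENV = """\
# -- AUTH
#IRIS_AUTHENTICATION_CREATE_USER_IF_NOT_EXIST=True
IRIS_AUTHENTICATION_TYPE=ldap
LDAP_PORT=636
LDAP_USER_SUFFIX=
"""

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip()
    return env

def strict_bool(env, key, default=False):
    """Return a real bool; reject values that are neither true nor false."""
    if key not in env:
        return default
    value = env[key].strip().lower()
    if value in TRUE_VALUES:
        return True
    if value in FALSE_VALUES:
        return False
    raise ValueError(f"{key}: not a boolean: {env[key]!r}")

def naive_bool(env, key):
    """Assumed failure mode: string fallback, and any non-empty string is truthy."""
    return bool(env.get(key, "False"))

def provisioning_errors(env, as_bool):
    """Return settings missing for LDAP just-in-time user creation."""
    if env.get("IRIS_AUTHENTICATION_TYPE") != "ldap":
        return []
    if not as_bool(env, FLAG):
        return []
    return [] if env.get("LDAP_SEARCH_DN") else ["LDAP_SEARCH_DN"]
```

Run against a copy of the real `.env` before an upgrade, the strict variant reports `LDAP_SEARCH_DN` only when user provisioning is actually enabled.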