« Novell Evolution on Mac OS 10.5 (Leopard)
Das Ausleihsystem der Stabi – Herr, wirf usability vom Himmel! »

Plone, LDAP and buildout

Published March 25, 2009 Coding , Uncategorized Comments
Tags: , , ,

I just spent a couple of hours trying to configure a Zeoserver /Plone 3 setup on Ubuntu, build with the “buildout” mechanism, to use LDAP as an authentication mechanism, and ran into a couple of problems, such as the error message:

ImportError: libldap_r-2.3.so.0: cannot open shared object file: No such file or directory

which might have brought you here. I was using the excellent tutorials by Jens W. Klein and Veit Schiele (German, here the translated version, which describes an even easier setup than than the one provided here; thanks to cra for pointing this out). There is one small detail missing in  both tutorials, namely, that openldap needs the LD_LIBRARY_PATH variable to be set, otherwise python-ldap cannot find the openldap libraries.

To pull both tutorials together, here are the entries that I added to my buildout.cfg (no guarantees that this works unmodified for you).

[buildout]

eggs =

plone.app.ldap


zcml =

plone.app.ldap

parts =
….
openldap
python-ldap

….

[client1]

eggs =
….
${python-ldap:egg}

….
environment-vars =
….
LD_LIBRARY_PATH ${openldap:location}/lib

[openldap]
recipe = zc.recipe.cmmi
url = ftp://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-stable/openldap-stable-20071118.tgz
extra_options = –with-sasl –with-tls –enable-slapd=no

[python-ldap]
recipe = zc.recipe.egg:custom
egg = python-ldap
include-dirs  =
${openldap:location}/include
library-dirs  =
${openldap:location}/lib
rpath =
${openldap:location}/lib

Please note the correct indentation has been lost in the formatting on this blog entry. Hope you find this useful.

4 Responses to “Plone, LDAP and buildout”

Feed for this Entry Trackback Address
  1. 1 Larry Pitcher April 17, 2009 at 7:30 pm

    Hi,

    Thanks for the great info!

    One note – in the extra_options line, your editor has changed the two dashes to an em-dash. When I copied and pasted that line into my buildout.cfg I got an error. I just changed the em-dash back to two dashes and it works.

    Larry Pitcher

    Reply
  2. 2 Mathias February 18, 2010 at 12:51 pm

    Great guide! Have been beating my head against the wall for three days with the openldap-installation before this…

    Reply
  3. 3 Michael R. Bernstein March 31, 2010 at 8:36 pm

    I encountered another problem on a recent (9.10) Ubuntu. It seems that this version of OpenLDAP doesn’t compile cleanly with GCC 4.4, so you need to:

    apt-get install gcc-4.3

    and add some environment variables to the [openldap] section of the buildout:

    [openldap]

    environment =
    # Workaround for “error: storage size of ‘peercred’ isn’t known”
    # http://www.openldap.org/lists/openldap-bugs/200808/msg00130.html
    CPPFLAGS=-D_GNU_SOURCE
    CC=gcc-4.3

    I suppose I could probably have solved this by specifying a newer version of OpenLDAP instead (there have been four stable releases since the 2007-11-18 release), but this seemed like the minimal intervention necessary.

    Reply
  4. 4 Michael R. Bernstein March 31, 2010 at 9:05 pm

    The CPPFLAGS tip (to solve a separate problem) came from this blog post, BTW:

    http://rpatterson.net/blog/ldap-certificates-and-buildout-oh-my

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

« Novell Evolution on Mac OS 10.5 (Leopard)
Das Ausleihsystem der Stabi – Herr, wirf usability vom Himmel! »
Follow

Get every new post delivered to your Inbox.