Coding, Uncategorized

Plone, LDAP and buildout

I just spent a couple of hours trying to configure a Zeoserver /Plone 3 setup on Ubuntu, build with the “buildout” mechanism, to use LDAP as an authentication mechanism, and ran into a couple of problems, such as the error message:

ImportError: libldap_r-2.3.so.0: cannot open shared object file: No such file or directory

which might have brought you here. I was using the excellent tutorials by Jens W. Klein and Veit Schiele (German, here the translated version, which describes an even easier setup than than the one provided here; thanks to cra for pointing this out). There is one small detail missing in  both tutorials, namely, that openldap needs the LD_LIBRARY_PATH variable to be set, otherwise python-ldap cannot find the openldap libraries.

To pull both tutorials together, here are the entries that I added to my buildout.cfg (no guarantees that this works unmodified for you).

[buildout]

eggs =

plone.app.ldap


zcml =

plone.app.ldap

parts =
….
openldap
python-ldap

….

[client1]

eggs =
….
${python-ldap:egg}

….
environment-vars =
….
LD_LIBRARY_PATH ${openldap:location}/lib

[openldap]
recipe = zc.recipe.cmmi
url = ftp://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-stable/openldap-stable-20071118.tgz
extra_options = –with-sasl –with-tls –enable-slapd=no

[python-ldap]
recipe = zc.recipe.egg:custom
egg = python-ldap
include-dirs  =
${openldap:location}/include
library-dirs  =
${openldap:location}/lib
rpath =
${openldap:location}/lib

Please note the correct indentation has been lost in the formatting on this blog entry. Hope you find this useful.

Advertisements

4 thoughts on “Plone, LDAP and buildout

  1. Hi,

    Thanks for the great info!

    One note – in the extra_options line, your editor has changed the two dashes to an em-dash. When I copied and pasted that line into my buildout.cfg I got an error. I just changed the em-dash back to two dashes and it works.

    Larry Pitcher

  2. I encountered another problem on a recent (9.10) Ubuntu. It seems that this version of OpenLDAP doesn’t compile cleanly with GCC 4.4, so you need to:

    apt-get install gcc-4.3

    and add some environment variables to the [openldap] section of the buildout:

    [openldap]

    environment =
    # Workaround for “error: storage size of ‘peercred’ isn’t known”
    # http://www.openldap.org/lists/openldap-bugs/200808/msg00130.html
    CPPFLAGS=-D_GNU_SOURCE
    CC=gcc-4.3

    I suppose I could probably have solved this by specifying a newer version of OpenLDAP instead (there have been four stable releases since the 2007-11-18 release), but this seemed like the minimal intervention necessary.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s