search

bird-house / pyramid-phoenix

Phoenix is a Pyramid web-application to make it easy to interact with WPS services
http://pyramid-phoenix.readthedocs.io/en/latest/
Apache License 2.0
7 stars 10 forks source link

Pyramid LDAP support #31

Closed fklemme closed 9 years ago

fklemme commented 9 years ago

I think the LDAP integration is ready for a first merge into master.

These code changes implement an additional way to login into Phoenix besides OpenID. All additions are completely optional and won't affect the current user experience.

@cehbrecht: Please have a brief look at the (file) changes. Let me know what you think or if you want anything being changed. As always, any feedback is welcome! :-) Feel free to go ahead and merge if you think that everything's fine.

Changes

cehbrecht commented 9 years ago

i've merged the currend ldap support to master branch ... not sure if it works ... could not try ...

There is python-ldap on conda. I've added it to the conda packages in config/phoenix.cfg. You might give it a try so that we can remove the ldap system packages?

There are quite some changes on master. I have added support for GitHub login (thats why i merged ldap before) and there is a Phoenix login for local development and demos. Please see the custom.cfg.example for activation (at least Phoenix for your local devs ... admin-users is not valid anymore).

cehbrecht commented 9 years ago

... i've changed the userid handling ... it is not the email anymore ... that was a left over from using Mozilla BrowserID.

fklemme commented 9 years ago

You might give it a try so that we can remove the ldap system packages?

I will.

I have added support for GitHub login (thats why i merged ldap before) and there is a Phoenix login for local development and demos.

This is great! I absolutely missed the option for a local login. :-)

i've changed the userid handling ... it is not the email anymore

Perfect! That simplifies a lot with LDAP.

fklemme commented 9 years ago

Unfortunately, the system packages seem to be mandatory.

Getting distribution for 'python-ldap'.
defines: HAVE_SASL HAVE_TLS HAVE_LIBLDAP_R
extra_compile_args: 
extra_objects: 
include_dirs: /opt/openldap-RE24/include /usr/include/sasl /usr/include
library_dirs: /opt/openldap-RE24/lib /usr/lib
libs: ldap_r
file Lib/ldap.py (for module ldap) not found
file Lib/ldap/controls.py (for module ldap.controls) not found
file Lib/ldap/extop.py (for module ldap.extop) not found
file Lib/ldap/schema.py (for module ldap.schema) not found
warning: no files found matching 'Makefile'
warning: no files found matching 'Modules/LICENSE'
file Lib/ldap.py (for module ldap) not found
file Lib/ldap/controls.py (for module ldap.controls) not found
file Lib/ldap/extop.py (for module ldap.extop) not found
file Lib/ldap/schema.py (for module ldap.schema) not found
file Lib/ldap.py (for module ldap) not found
file Lib/ldap/controls.py (for module ldap.controls) not found
file Lib/ldap/extop.py (for module ldap.extop) not found
file Lib/ldap/schema.py (for module ldap.schema) not found
In file included from Modules/LDAPObject.c:9:0:
Modules/errors.h:8:18: fatal error: lber.h: No such file or directory
 #include "lber.h"
                  ^
compilation terminated.
error: Setup script exited with error: command 'gcc' failed with exit status 1
An error occurred when trying to install python-ldap 2.4.19. Look above this message for any errors that were output by easy_install.
While:
  Installing phoenix.
  Getting distribution for 'python-ldap'.
Error: Couldn't install: python-ldap 2.4.19
make: *** [install] Error 1

The pyramid_ldap installation instructions say:

pyramid_ldap depends on the python-ldap and ldappool packages. python_ldap requires OpenLDAP development libraries to be installed before it can successfully be installed. An easy way to get these installed on a Debian Linux system is to use apt-get build-dep python-ldap.

cehbrecht commented 9 years ago

Unfortunately buildout did not install conda packages in the correct order ... first conda ... then phoenix. Buildout took instead python-ldap from pypi. This needs to be fixed. Try to install python-ldap via conda first ... then run make clean install.

$ conda search ldap
python-ldap               .  2.4.13                   py27_0  defaults
fklemme commented 9 years ago

Well, I have to admit that I haven't understood the whole build process yet. Make, buildout, conda, virtual environments... all that is still magic for me. What do I need to change to test that?

cehbrecht commented 9 years ago

for testing just do the following:

$ source activate birdhouse # the cond env for birdhouse
$ conda install python-ldap
$ cd pyramid-phoenix
$ make clean
$ make install

When python-ldap is already availble in the "system" (in this case in conda) then buildout will not try to download it from pypi by itself.

Conda is just a package manager which is very helpful for me ... i need to install easily many packages on quite different Linux machines ... you can easily provide your own packages. See the conda docs and the recipes:

http://birdhouse.readthedocs.org/en/latest/dev_guide.html#using-anaconda-in-birdhouse

Buildout is a bit confusing at first use ... and maybe even later ;) I'm using buildout to set up the whole application .... packages .... configs ... installation folder structure .... databases ... services ... supervisor ... Buildout can be extended with your own recipes or "plugins" (for example those birdhousebuilder.recipes ....) Usually buildout installs all python packages from pypi ... but you can convice it (with a recipe) to also use packages from the system (in my case usally conda). Have a look at the docs and example configs.

http://birdhouse.readthedocs.org/en/latest/dev_guide.html#using-buildout-in-birdhouse

cehbrecht commented 9 years ago

... ah ... make is just used as a wrapper to call the buildout and conda commands. Just for convenience.