Ruby/LDAP on Rails


#1

This is wierd. I’m trying to get Ruby/LDAP up and working, and at least
the basics work fine under irb:

irb(main):001:0> require ‘ldap’
=> true
irb(main):002:0> LDAP::Conn.new()
=> #LDAP::Conn:0x1b87ac
irb(main):003:0>

So far, so good. All LDAP::Conn.new does is call ldap_init with host
and port parameters, which in turn just allocates the control structure
– there’s no attempt to create a socket until later.

When I switch to Rails, though, this gets strange. Running inside a
brand new rails structure (this is 1.0.0), I do:

$ script/console
Loading development environment.

require ‘ldap’
=> true

LDAP::Conn.new()
LDAP::ResultError: can’t initialise an LDAP session
from (irb):2:in `initialize’
from (irb):2

When I first saw this, it was on my mac ruby -v -> ruby 1.8.4
(2005-12-24) [powerpc-darwin8.5.0] with ruby-ldap-0.9.2, and I’ve
confirmed the behavior through ruby-ldap-0.9.4.

This isn’t just an OSX thing, though. I see the exact same error on my
gentoo box (originally 2004.1, but kept current, where ruby -v -> ruby
1.8.4(2005-12-24) [i686-linux]), with everything up to and including
ruby-ldap-0.9.2 installed through portage.

Thanks!
Eric


#2

On 3/8/06, Eric H. removed_email_address@domain.invalid wrote:

So far, so good. All LDAP::Conn.new does is call ldap_init with host and
port parameters, which in turn just allocates the control structure –
there’s no attempt to create a socket until later.

I don’t know anything more about LDAP::Conn than what you wrote here,
but
where do the host and port parameters come from? Is it possible that
they
aren’t accessible from within Rails?


#3

On 3/8/06, Eric H. removed_email_address@domain.invalid wrote:

=> true

LDAP::Conn.new()
LDAP::ResultError: can’t initialise an LDAP session
from (irb):2:in `initialize’
from (irb):2

When I first saw this, it was on my mac ruby -v -> ruby 1.8.4
(2005-12-24) [powerpc-darwin8.5.0] with ruby-ldap-0.9.2, and I’ve
confirmed the behavior through ruby-ldap-0.9.4.

Sorry, couldn’t duplicate it at work (RHEL):

ruby 1.8.2 (2004-12-25) [i386-linux]
ruby-ldap-0.9.2
rails 1.0.0
Red Hat Enterprise 3

$ ./script/console
Loading development environment.
>> require 'ldap'
=> true
>> LDAP::Conn.new()
=> #<LDAP::Conn:0xb6f9f344>

If I find the time, I’ll try at home (Mac OS X).


#4

Bah. Found a work around at least.

It looks like this may be an issue with openldap 2.2.19 as installed in
OSX 10.4.5. I build openldap 2.3.20 (without slapd, to save time),
installed it under /usr/local, and pointed ruby-ldap at that for the
build. It works like a champ now.

Thanks to everybody who tried to help.

-Eric


#5

They’re both optional, and default to “localhost” and LDAP_PORT (port
389, defined in ldap.c as rb_define_const (rb_mLDAP, "LDAP_PORT", INT2NUM(389));

I’ve tried wrapping the actual ldap_init call with a couple of
printf()s, and can verify that it appears to be getting the arguments it
expects.

Josh on Rails wrote:

I don’t know anything more about LDAP::Conn than what you wrote here,
but
where do the host and port parameters come from? Is it possible that
they
aren’t accessible from within Rails?


#6

In fact, it appears that I was wrong.

The real problem was a shared lib problem between ruby-oci8 and
ruby-ldap. If you have ruby-oci8 installed and linked against a
10g-series instantclient, then be aware that libclntsh.so has its own
version of ldap_connect() – and it doesn’t appear to work. Even if you
aren’t using it, the ActiveRecord initialization sequence will load
oci8lib.so and its dependencies. If you then have your ‘require “ldap”’
in environment.rb where it gets loaded later, then calls to
ldap_connect() will be handled by the oci version, not the openldap
version.

The workaround I found was to put ‘require “ldap”’ at the top of
environment.rb, prior to the require of ‘boot’.

May this save someone a bit of time.