[Zope 2.10] Installing modules

Hello.
I am a Software Engineer who is new to a team maintaining/developing a legacy application using Zope 2.10.6 final.
The developers who created our Zope installation have all left, and there are very few notes on how to maintain the installation.
For the above mentioned reason, the inertia of this legacy project makes updating to a newer Zope version difficult. (I'm told it's been tried unsuccessfully.)

We have a new requirement to add SAML authentication.

I found dm.zope.saml2 and collective.saml2. The latter says it's an installation wrapper around the former.
I've tried

/vol/plone/Python2.4/bin/python2.4 setup.py install

within the untarred package for both of the above mentioned packages. They both failed to install.

The Zope online documentation itself is very sparse and unhelpful.
Is there a resource I can utilize to help me install modules in our 2.10 environment?
(And/Or, is there a resource available which gives assistance in upgrading a hopelessly out of date Zope to something more modern?)

This will not be easy.

SAML2 is a complex standard. Therefore, any implementation is likely to build on top of many "components". Any of those components makes explicit or implicit assumptions about the versions of other components they depend on. You are using an installation with particularly old software versions - this will be hard: you likely cannot use the current versions but must find a combination of old versions which can work together.

If you need that your application acts as an SAML2 service provider, then an external SAML2 implementation may be sufficient. There is for example an Apache module acting as an SAML service provider. With an external SAML2 integration the web server will inform Zope about the user it has identified and Zope can be set up (at least with Products.PluggableAuthService) to accept the user identified in this way.

If Zope needs to act as SAML2 identity provider, an external implementation is more difficult.

dm.zope.saml2 has been designed to work with Products.CMFCore (e.g. Plone) portals. Such a portal defines a so called "site" (--> "Products.LocalSiteManager). One can define sites in Zope as well but one needs more internal knowledge. The plugins of dm.zope.saml2assume the use ofProducts.PluggableAuthService. dm.zope.saml2depends onpyxb(to handle the XML schema defined SAML2 documents) anddm.xmlsec.binding(to handle XML signatures and encryption).dm.xmlsec.bindingin turn depends on the XML security library (implemented in C) andlxml` (which depends on variable XML C libraries). To use it, you will need to install all required C libraries and find compatible versions of the involved Python packages. Read the various installation instructions for details.

2 Likes

Plone Foundation Code of Conduct