In PHP, say I have an LDAP connection on page 1:
$ldapconn = ldap_connect($ldapserver);
if ($ldapconn) {
// binding to ldap server
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
}
// do stuff here
Assuming everything goes well and I’m able to actually do stuff, how can I save this bind so that when a user clicks on a 2nd page I don’t need to again do an ldap_bind using their username/password. In essence I don’t want to store the password in the session if avoidable for security purposes, but I’d like to keep the connection so that I can reuse it on other pages.
PHP LDAP doesn’t support persistent connections. Depending on what kind of LDAP queries you’re doing and how often, you could always set up a database that would store the username/password in encrypted state, then keep the ID to that record in the session (not a good idea to store usernames/passwords). Similar to what is answered here. Perhaps if you expand on what you’re trying to do will help us guide you in a better direction on how to accomplish it. If it’s simply for validating login then once they are validated against LDAP you can put a value in the session that says they’re validated.