保持LDAP会话 [英] Keep LDAP Session

问题描述

在PHP中，请说我在第1页上建立了LDAP连接:

In PHP, say I have an LDAP connection on page 1:

$ldapconn = ldap_connect($ldapserver);
if ($ldapconn) {
      // binding to ldap server
      $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
}
// do stuff here

假设一切顺利，并且我能够实际完成工作，那么如何保存此绑定，以便当用户单击第二页时，我无需再次使用其用户名/密码来执行ldap_bind.从本质上讲，出于安全性考虑，我不想将密码存储在会话中，但我想保留连接，以便可以在其他页面上重复使用它.

Assuming everything goes well and I'm able to actually do stuff, how can I save this bind so that when a user clicks on a 2nd page I don't need to again do an ldap_bind using their username/password. In essence I don't want to store the password in the session if avoidable for security purposes, but I'd like to keep the connection so that I can reuse it on other pages.

推荐答案

PHP LDAP不支持持久连接.根据您执行的LDAP查询类型和频率，您总是可以设置一个数据库，该数据库以加密状态存储用户名/密码，然后将ID保留在会话中的该记录中(存储用户名/密码的想法).类似于在此处回答的内容.也许，如果您对尝试做的事情有所了解，将会帮助我们指导您更好地实现目标.如果仅是为了验证登录名，那么一旦针对LDAP验证了登录名，您就可以在会话中输入一个值，以表明他们已被验证.

PHP LDAP doesn't support persistent connections. Depending on what kind of LDAP queries you're doing and how often, you could always set up a database that would store the username/password in encrypted state, then keep the ID to that record in the session (not a good idea to store usernames/passwords). Similar to what is answered here. Perhaps if you expand on what you're trying to do will help us guide you in a better direction on how to accomplish it. If it's simply for validating login then once they are validated against LDAP you can put a value in the session that says they're validated.

这篇关于保持LDAP会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！