保持LDAP会话 [英] Keep LDAP Session
问题描述
在PHP中,请说我在第1页上建立了LDAP连接:
In PHP, say I have an LDAP connection on page 1:
$ldapconn = ldap_connect($ldapserver);
if ($ldapconn) {
// binding to ldap server
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
}
// do stuff here
假设一切顺利,并且我能够实际完成工作,那么如何保存此绑定,以便当用户单击第二页时,我无需再次使用其用户名/密码来执行ldap_bind.从本质上讲,出于安全性考虑,我不想将密码存储在会话中,但我想保留连接,以便可以在其他页面上重复使用它.
Assuming everything goes well and I'm able to actually do stuff, how can I save this bind so that when a user clicks on a 2nd page I don't need to again do an ldap_bind using their username/password. In essence I don't want to store the password in the session if avoidable for security purposes, but I'd like to keep the connection so that I can reuse it on other pages.
推荐答案
PHP LDAP不支持持久连接.根据您执行的LDAP查询类型和频率,您总是可以设置一个数据库,该数据库以加密状态存储用户名/密码,然后将ID保留在会话中的该记录中(存储用户名/密码的想法).类似于在此处回答的内容.也许,如果您对尝试做的事情有所了解,将会帮助我们指导您更好地实现目标.如果仅是为了验证登录名,那么一旦针对LDAP验证了登录名,您就可以在会话中输入一个值,以表明他们已被验证.
PHP LDAP doesn't support persistent connections. Depending on what kind of LDAP queries you're doing and how often, you could always set up a database that would store the username/password in encrypted state, then keep the ID to that record in the session (not a good idea to store usernames/passwords). Similar to what is answered here. Perhaps if you expand on what you're trying to do will help us guide you in a better direction on how to accomplish it. If it's simply for validating login then once they are validated against LDAP you can put a value in the session that says they're validated.
这篇关于保持LDAP会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!