如何在PHP会话中安全地存储密码(用于针对API的重用)

Situation:

I have two systems, a Java-API requiring user/password checking credentials against LDAP and a frontend for that API written in PHP. The frontend probably needs to store the user/password combination in a session.

Suggestion:

I would use a block cipher implementation like Zend\Crypt (<2.5) [1] with AES and use simple PHP sessions (probably file based).

Question:

1.) Is encryption of the password the only choice?

2.) What encryption/mode would you suggest regarding a good compromise between safety and speed

Password hashing is NOT an option because the API requires the plain password.

[1] https://framework.zend.com/manual/2.4/en/modules/zend.crypt.block-cipher.html