In PHP, say I have an LDAP connection on page 1:
    $ldapconn = ldap_connect($ldapserver);
    if ($ldapconn) {
        // binding to ldap server
        $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
    }
    // do stuff here
Assuming everything goes well and I'm able to actually do stuff, how can I save this bind so that when a user clicks on a 2nd page I don't need to do an ldap_bind again using their username/password? In essence, I don't want to store the password in the session, if avoidable, for security purposes, but I'd like to keep the connection so that I can reuse it on other pages.
PHP LDAP doesn't support persistent connections. Depending on what kind of LDAP queries you're doing and how often, you could always set up a database that would store the username/password in an encrypted state, then keep the ID of that record in the session (it's not a good idea to store usernames/passwords). Similar to what is answered here. Perhaps expanding on what you're trying to do will help us guide you in a better direction on how to accomplish it. If it's simply for validating login, then once they are validated against LDAP you can put a value in the session that says they're validated.
What I've done in the past, if you have control over the LDAP server, is have a "query" user that has only read rights. You store this as a global in a config file or database and do all your binding with this account any time you need to do simple queries, and only use the username and password on initial authentication.
An alternative solution would be, instead of re-checking if they are logged in, to create a cookie or session with some string that tells you the user is logged in.
Then on new pages just verify that the session exists. Add a timeout so the logged-in cookie expires if not updated in, say, 10 minutes.
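
The validated-flag and idle-timeout approach from the answers above, written out as an added example (not code from the question or from any answer): the user's password is used for one bind on the login page and only the identity and a timestamp go into the session. The names `LDAP_URI`, `IDLE_LIMIT`, `ldap_login()` and `require_login()`, the host `ldap.example.org` and the path `/login.php` are assumptions made for illustration.

```php
<?php
// Added example: constant and function names below are hypothetical.
const LDAP_URI   = 'ldaps://ldap.example.org'; // assumption: placeholder host
const IDLE_LIMIT = 600;                         // 10 minutes of inactivity

// Session cookie is HTTPS-only and not readable from JavaScript.
session_start(['cookie_secure' => true, 'cookie_httponly' => true,
               'cookie_samesite' => 'Lax']);

// Login page: bind once with the user's credentials, then keep only a flag.
function ldap_login(string $userDn, string $password): bool
{
    // An empty password can be accepted by the server as an anonymous bind.
    if ($userDn === '' || $password === '') {
        return false;
    }
    $conn = ldap_connect(LDAP_URI);
    if ($conn === false) {
        return false;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    $ok = @ldap_bind($conn, $userDn, $password);
    ldap_unbind($conn);          // the handle cannot outlive this request anyway
    if (!$ok) {
        return false;
    }
    session_regenerate_id(true); // fresh session ID once the user is authenticated
    $_SESSION['user_dn']   = $userDn; // identity only, never the password
    $_SESSION['last_seen'] = time();
    return true;
}

// Every later page: check the flag and the idle timeout, no LDAP bind needed.
function require_login(): string
{
    $last = $_SESSION['last_seen'] ?? 0;
    if (!isset($_SESSION['user_dn']) || time() - $last > IDLE_LIMIT) {
        $_SESSION = [];
        session_destroy();
        header('Location: /login.php'); // assumption: placeholder login page
        exit;
    }
    $_SESSION['last_seen'] = time();    // sliding expiry, refreshed on activity
    return $_SESSION['user_dn'];
}
```

A protected page would call `require_login()` before producing any output; the returned DN can then be used as the search filter for lookups made under a separate read-only account.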