LDAP / PHP-何时解除绑定
[英]LDAP/PHP - When to Unbind
问题描述
I have around 12 PHP functions, each one makes a call to $ldap_connect which makes use of ldap_bind() 
我大约有12个PHP函数,每个函数都调用$ ldap_connect,它使用ldap_bind()
So - does this mean that when I call all functions my ldap server makes 12 ldap binds? 所以-这是否意味着当我调用所有函数时,我的ldap服务器会进行12个ldap绑定?
If so - when should the ldap_unbind() function be used? 如果是这样-何时应使用ldap_unbind()函数? I have tried searching this but nothing fruitful came up, all I seemed to find was "unbind every time" but that isn't really specific. 我曾尝试搜索此文件,但没有任何成果,我似乎发现“每次都解除绑定”,但这并不是很具体。 Does that mean put an unbind in all 12 functions just before it returns the data or unbind on my logout page where I also do a session_destroy() ? 这是否意味着在返回数据之前将所有12个函数都取消绑定,或者在我也执行session_destroy()的注销页面上取消绑定?
Thanks 谢谢
EDIT: CODE 编辑:代码
function create_ldap_connection($username, $password) {
$ip = "MY LDAP SERVER";
$port = 389;
/* Binding */
$username = "DOMAIN\\" . $username;
$ldap_conn = ldap_connect($ip, $port) or die("Sorry! Could not connect to LDAP server ($ip)");
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("Couldn't set option version 3");
$starttls = ldap_start_tls($ldap_conn) or die ("Couldn't start secure TLS connection");
$result = ldap_bind($ldap_conn, $username, $password) or die("Error: Couldn't bind to server using provided credentials!");
if($result) {
return $ldap_conn;
} else {
die("
Error: Couldn't bind to server with supplied credentials!");
}
}
Then I use $ldap_conn = create_ldap_connection($user, $pass); 然后我使用$ ldap_conn = create_ldap_connection($ user,$ pass);
So, my 2 of my functions would be: 因此,我的两个职能将是:
function get_user_givenName($ldap_conn, $user_name, $ou) {
$basedn = "MY BASE DN";
$searchResults = ldap_search($ldap_conn, $basedn, $user_name);
if (!is_resource($searchResults))
die('Error in search results.');
$entry = ldap_first_entry($ldap_conn, $searchResults);
$attrs = ldap_get_attributes($ldap_conn, $entry);
return $attrs["givenName"][0];
}
function get_user_cn($ldap_conn, $user_name, $ou) {
$basedn = "MY BASE DN";
$searchResults = ldap_search($ldap_conn, $basedn, $user_name);
if (!is_resource($searchResults))
die('Error in search results.');
$entry = ldap_first_entry($ldap_conn, $searchResults);
$attrs = ldap_get_attributes($ldap_conn, $entry);
return $attrs["cn"][0];
}
1 个解决方案
解决方案1
2 已采纳 2015-07-15 05:39:29
As soon as you bind on a connection a previous bind on that connection is "unbound" and replaced with the current bind. 一旦在一个连接上绑定,该连接上的先前绑定就会“解除绑定”,并替换为当前绑定。 So there is no need to use unbind 12 times if you use the same connection. 因此,如果使用相同的连接,则无需使用unbind 12次。
But when you connect and bind 12 times chances are great that you have 12 concurrent connections to the LDAP-Server which might not really be what you want. 但是,当您连接并绑定12次时,很有可能您与LDAP服务器有12个并发连接,而这并不是您真正想要的。
So perhaps you should reconsider the setup of your functions to call ldap_connect (and ldap_bind ) once and then use that connection 12 times instead of creating that connection 12 times. 因此,也许您应该重新考虑函数的设置以一次调用ldap_connect (和ldap_bind ),然后使用该连接12次而不是创建该连接12次。 That might reduce the overhead. 这样可以减少开销。
A good example would be something like this: 一个很好的例子是这样的:
$con = ldap_connect([$params]);
ldap_bind($con, [remaining params]);
ldap_[otherfunc]($con, [remaining params]);
A bad example would be something like this: 一个不好的例子是这样的:
function connect() {
$con = ldap_connect([params]);
ldap_bind($con, [remaining params]);
return $con;
}
ldap_[otehrfunc](conncet(), [remaining params]);
That would create a new ldap-connection on every call to connect() . 这将在对connect()每次调用上创建一个新的ldap-connection。
To change that into a "good" example you should change that as follows to use the connection multiple times: 要将其更改为“好”示例,应进行如下更改以多次使用连接:
$con = connect();
ldap_[otherfunc]($con, [remaining params]);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.