Clear LDAP connection session when closing a browser in ZF2

Question

I am working with the application using LDAP authentication in ZF2. I have given the logout option to exit from my application. If I click the log out button, then it is asking to enter the login credentials, It is fine.

Suppose, I closed the browser without clicking the log out button then open a browser again and access to my application url it does not ask login credentials which means that LDAP session still exists.

How can I clear the LDAP session on closing the browser and or accessing the application again, it should ask the Login credentials (username and password).

Please help me to solve this issue.

Answer 1

The method of authentication should not matter - whether you are using LDAP, MySQL tables or anything. You didn't mention if you are using a module (such as ZfcUser) for authentication, or vanilla ZF2, or how your sessions are configured.

From the information given, one of these should help you find your problem:

1) You are using a browser that is staying open "in the background", thus the session is staying open when you re-open the browser. To double check this, have a look at your process list / task manager for your OS and ensure the browser process has been exited completely.

2) You are storing the session using cookies (so that the session carries across a period of time , rather than a single browser session ). Look into the use_cookies , cookie_lifetime and remember_me_seconds session configuration options in ZF2.