Justin Erenkrantz wrote: > Since I think LDAP connections are cheap (cf. database connections which > are typically very expensive to bring up), I don't think it'd be a > problem to just unbind/disconnect each time. I think it makes sense to > have each module have its own separate LDAP connection - rather than > sharing them across the entire system.
LDAP connections are cheaper than database connections, but they are
still expensive - especially with one
connect/bind/search/unbind/disconnect per hit to the webserver. Each
module process will end up with their own individual connection.
> However, if you are binding as the anonymous LDAP user, you could
> certainly just keep the connection open as there is no security risk at
> all. For non-anonymous bindings, I'd think it'd be best if you keep
> that connection open for as short a time as possible and don't reuse
> it.
>
> My $.02. You could really go any way you want with this. -- justin
The difference between the two is a single ldap_unbind() call that
either does or doesn't happen :)
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
smime.p7s
Description: S/MIME Cryptographic Signature
