Basic LDAP does not provide anything like this. The credentials that you specify when binding are used for the rest of the connection, so if you can maintain an LDAP connection across multiple HTTP requests (and share LDAP connections among all the server jobs you run), you can avoid saving the credentials.
There are various extensions for LDAP floating around (including several in Active Directory), so it is possible that one of them adds sessions across connections, but if so, I don't know about it.
As a workaround, since Active Directory supports GSSAPI and because of how Kerberos works, you should be able to use your user credentials to request a Kerberos ticket to access LDAP, and then save this ticket as your "state/session/??" marker. This Kerberos ticket will only be valid for LDAP access and will automatically expire, so this will avoid storing user credentials in the session. I do not know if your LDAP library supports GSSAPI and will give you enough control for this or not.
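The connection-reuse approach from the first paragraph, as an added example that is not part of the original answer: the password is used once for the bind, and later HTTP requests present only an opaque token that maps to the already-bound connection. `FakeLdapConnection` and `BoundConnectionCache` are hypothetical names, and the fake connection is a constructed stand-in for whatever LDAP library you use.

```python
import secrets
import time


class FakeLdapConnection:
    """Constructed stand-in for a real LDAP client connection (hypothetical API)."""

    def __init__(self, directory):
        self._directory = directory  # constructed {dn: password} table
        self.bound_as = None

    def simple_bind(self, dn, password):
        if self._directory.get(dn) != password:
            raise PermissionError("invalid credentials")
        self.bound_as = dn

    def unbind(self):
        self.bound_as = None


class BoundConnectionCache:
    """Maps an opaque session token to an already-bound connection."""

    def __init__(self, connect, idle_timeout=900, clock=time.monotonic):
        self._connect, self._idle, self._clock = connect, idle_timeout, clock
        self._entries = {}  # token -> [connection, last_used]

    def login(self, dn, password):
        if not password:
            # An empty password on a simple bind is an unauthenticated bind
            # (RFC 4513) and may succeed without proving identity.
            raise ValueError("empty password rejected")
        conn = self._connect()
        conn.simple_bind(dn, password)  # password is used here and not kept
        token = secrets.token_urlsafe(32)
        self._entries[token] = [conn, self._clock()]
        return token

    def get(self, token):
        now = self._clock()
        for stale in [t for t, e in self._entries.items() if now - e[1] > self._idle]:
            self.logout(stale)
        entry = self._entries.get(token)
        if entry is None:
            return None
        entry[1] = now
        return entry[0]

    def logout(self, token):
        entry = self._entries.pop(token, None)
        if entry:
            entry[0].unbind()
```

The cache lives in one process, so this only works when every request for a session reaches the process that holds its connection.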