System Administration Guide: Security Services
Previous Next

SASL (Overview)

The Simple Authentication and Security Layer (SASL) is a framework that provides authentication and optional security services to network protocols. An application calls the SASL library, /usr/lib/libsasl.so, which provides a glue layer between the application and the various SASL mechanisms. The mechanisms are used in the authentication process and in providing optional security services. The version of SASL delivered with the Solaris 10 release is derived from the Cyrus SASL with a few changes.

SASL provides the following services:

  • Loading of any plug-ins

  • Determining the necessary security options from the application to aid in the choice of a security mechanism

  • Listing of plug-ins that are available to the application

  • Choosing the best mechanism from a list of available mechanisms for a particular authentication attempt

  • Routing the authentication data between the application and the chosen mechanism

  • Providing information about the SASL negotiation back to the application

Previous Next