The Simple Authentication and Security Layer (SASL) is a framework that provides authentication and optional security services to network protocols. An application calls the SASL library, /usr/lib/libsasl.so, which provides a glue layer between the application and the various SASL mechanisms. The mechanisms are used in the authentication process and in providing optional security services. The version of SASL is derived from the Cyrus SASL with a few changes.
SASL provides the following services:
Loading of any plugins
Determining the necessary security options from the application to aid in the choice of a security mechanism
Listing of plugins that are available to the application
Choosing the best mechanism from a list of available mechanisms for a particular authentication attempt
Routing the authentication data between the application and the chosen mechanism
Providing information about the SASL negotiation back to the application