This feature is new in the Solaris Express 12/03 release.
Simple Authentication and Security Layer (SASL) provides developers of applications and shared libraries with interfaces for adding authentication, data integrity checking, and encryption to connection-based protocols.
SASL consists of the following items:
Library, libsasl, which provides an API for applications that need authentication, privacy, and integrity services
Service provider interface (SPI) for third-party plug-ins to add new authentication methods, name canonicalization rules, and property stores
Header files for development
Plug-ins that are supplied by Sun for these mechanisms:
EXTERNAL
PLAIN
CRAM-MD5
DIGEST-MD5
GSS-API
GSS-SPNEGO
SASL enables the developer to write to a generic API without having to be concerned about the details of security mechanisms. When developed to use SASL appropriately, servers and clients can use new security mechanisms, naming and user canonicalization plug-ins, and auxprop plug-ins without recompilation.
SASL is described in RFC 2222. SASL is particularly appropriate for applications that use the following protocols that support SASL:
IMAP
SMTP
ACAP
LDAP
For more information about SASL, see the libsasl(3LIB) man page. See also the Solaris Security for Developers Guide.