Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014

About SASL

The Simple Authentication and Security Layer (SASL) is a framework that provides authentication and optional security services to network protocols. An application calls the SASL library, /usr/lib/, which provides a glue layer between the application and the various SASL mechanisms. The mechanisms are used in the authentication process and in providing optional security services. The version of SASL is derived from the Cyrus SASL with a few changes.

    SASL provides the following services:

  • Loading of any plugins

  • Determining the necessary security options from the application to aid in the choice of a security mechanism

  • Listing of plugins that are available to the application

  • Choosing the best mechanism from a list of available mechanisms for a particular authentication attempt

  • Routing the authentication data between the application and the chosen mechanism

  • Providing information about the SASL negotiation back to the application