The Cyrus SASL (Simple Authentication and Security Layer) SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection. FEATURES -------- The following mechanisms are included in this distribution: ANONYMOUS CRAM-MD5 DIGEST-MD5 GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5) KERBEROS_V4 PLAIN The library can use a Berkeley DB, gdbm or ndbm file on the server side to store per-user authentication secrets. The utility saslpasswd has been included for adding authentication secrets to the file. PLAIN can either check /etc/passwd, Kerberos V4, use PAM, or the sasl secrets database. By default PAM is used if PAM is found, then Kerberos, finally /etc/passwd (non-shadow). This is tweakable in the configuration file. Please see "${PREFIX}/share/doc/cyrus-sasl2/html/sysadmin.html". The sample directory contains two programs which provide a reference for using the library, as well as making it easy to test a mechanism on the command line. See "${PREFIX}/share/doc/cyrus-sasl2/html/programming.html" for more information. WWW: http://asg.web.cmu.edu/sasl/