
Cyrus SASL documentation
************************

Jeroen van Meeuwen, Kolab Systems <vanmeeuwen@kolabsys.com>Dan White,
BTC Broadband <dwhite@olp.net>


Introduction
============

This document is an introduction to **Cyrus SASL**. It is not intended
to be an exhaustive reference for the SASL Application Programming
Interface (API), which is detailed in the SASL manual pages, and the
libsasl.h header file.


Contents
========

* Getting Started

  * SASL

  * SASL Authentication Mechanisms

  * Security Layers

  * Channel Binding

  * Realms

  * Protocols

  * Cyrus SASL

  * The Glue Library

  * Auxiliary Properties

  * Plugins

* Auxiliary Properties

  * Auxiliary Properties and the Glue Layer

  * Passwords and other Data

  * sasldb

  * ldapdb

  * sql

  * User Canonicalization

* Authentication Mechanisms

  * EXTERNAL

  * ANONYMOUS

  * PLAIN

  * LOGIN

  * CRAM-MD5

  * DIGEST-MD5

  * SCRAM-SHA-1

  * GSSAPI

  * GS2-KRB5

  * GS2-IAKERB

  * NTLM

  * SRP

  * PSSDSS

  * OTP

  * Non-SASL Authentication

* Pwcheck

  * Auxprop

  * Auxprop-hashed

  * Saslauthd

  * Authdaemon

  * Alwaystrue

  * Auto Transition

* Frequently Asked Questions

  * What is the difference between an Authorization ID and a
    Authentication ID?

  * Why do CRAM-MD5 and DIGEST-MD5 not work with CyrusSaslauthd?

  * How do I configure OpenLDAP +SASL+GSSAPI?

  * Why does CyrusSasl store plaintext passwords in its databases?

  * Why am I having a problem running dbconverter-2 to upgrade from
    SASLv1 to SASLv2?

* Cyrus SASL Migration
