Author: | Jon Parise |
---|---|
Contact: | jon@php.net |
Date: | 2004-08-11 |
Revision: | 1.1 |
Contents
The Auth_SASL PEAR package provides native PHP implementations of many of the SASL authentication mechanisms. In theory, those methods could call out to the SASL extension to compute those strings using the native C library, but I'm not sure the effort is worth it. I wouldn't object to the idea if someone did the work, though.
saslauthd needs to be running on the same machine as the SASL client (the PHP process, in your case). The libsasl library (that the SASL extension wraps) will communicate with the saslauthd process via a local Unix domain socket.
The saslauthd process loads the SASL authentication modules and performs the actual authentication. This may involve contacting a foreign machine (such as a remote Kerberos or LDAP server).
To complicate things even further, saslauthd can use PAM as its authentication backend, which opens up even more authentication possibilities (many of which may involve other hosts).