httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Kutschker <>
Subject SASL
Date Fri, 07 Feb 2003 15:19:44 GMT
Date: Sun, 26 Jan 2003 20:51:30 -0800
From: Aaron Bannert <>
Subject: Re: merging httpd-pop3 into httpd-2.0?

On Sunday, January 26, 2003, at 05:59 AM, Martin Kutschker wrote:
> > SASL is such a plugable authentication. Though it fails to be easily
> > extendable. Perhaps an ASF xp implementation of the RFC is of
> > interest.
> We'd be happy to entertain proposals. :)

Thinking about it more, I am not sure if an ASF version of SASL is too exciting, though it
would make sense to have something like the server side part of SASL.

SASL, or better, the SASL modules implement authentication mechanisms that may be used by
different servers/protocols. The splitting of the authentication modules should provide something
similar. SASL also has functions to list all supported mechanisms (so they can be presented
to the client). AFAIK, there is no such mechanism in APR/Apache.

So SASL is for an multi-protocol Apache of interest, but there are already routines to do
the job. A standalone implementation (to be used by Apache) has certainly merits, but would
be of limited use for other apps, because it would impose a dependency to the APR - or so
me thinks (which may be indesireable). Wouldn't make sense to re-implement the xp stuff again.

It's a nice one to have, but not a must have then.


View raw message