SASL is a method for adding authentication support to connection-based
protocols.  To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection
of subsequent protocol interactions.  If its use is negotiated, a security
layer is inserted between the protocol and the connection.

This is the Cyrus SASL plugin that implements the GSSAPI authentication
mechanism.