The sasl authorization callback
#include <sasl/sasl.h> int sasl_authorize_t(void *context, const char *requested_user, unsigned alen, const char *auth_identity, unsigned alen, const char *def_realm, unsigned urlen, struct propctx *propctx)
sasl_authorize_t is used to check whether the authorized user auth_identity may act as the user requested_user. For example the user root may wish to authenticate with his credentials but act as the user tmartin (with all of tmartin's rights not roots). A server application should be very careful, and probably err on the side of caution, when determining which users may proxy as whom.
SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.