libnaw (the Network Authentication Wrapper Library) is, in essence, a global, uniform authentication method. It can be used as a preloadable library, enforcing desired authentication mechanisms in software that may not support sufficient authentication of its own (a lot of commercial software fits this profile, for example); it can also be accessed via a simple API and linked into your own software. Since libnaw is preloadable, it can be dropped in place as-is, without modification to the program binary.

When a connect() or an accept() call is made, libnaw intercepts the call, matching the connection against a ruleset that it keeps in a cdb (constant database). If it finds a matching entry, it will act on the connection based on the properties of that entry. Libnaw has the ability to act as a tcp_wrappers replacement that can be used with standalone daemons, or, more importantly, it supports loadable modules for any form of authentication that an administrator or user desires. Module use is optimized, and modules may communicate with each other through a built-in data hash.

Put simply, all of this means that you can configure the authentication mechanisms of all software on your system by way of a simple, dynamic configuration file.

View the README, INSTALL, and CONFIG files (available on the site without downloading the software) for more information.

Python bindings are included in the distribution. More language bindings will be added in the future.