Feature Request: Authentication enhancement

Razvan Popovici popovici at rataprod.de
Wed May 5 22:46:19 GMT 2004


 Rsync works great, but for many network administrators it is difficult to
 manage a secondary user database to secure the rsync paths.
 The proposal is to develop an option for rsync (daemon and client) so
 they can load some "security modules" developed as dynamic libraries. This
 approach would keep rsync itself platform independent, while the
 security modules can be very platform dependent, since they would be able
 to manage Windows, Radix, LDAP or Unix password file authentication.
 The actual password-file security system can be re-written as a built-in
 default authentication module, of course platform independent.
 I think this is according to the philosophy of the product: since rsync
 handles file synchronisation, it doesn't need to also be an expert in
 security.

 Sample:
 Let's assume that the daemon and the client are running on Windows
 machines.
 It is desired to implement a Windows security approach, therefore any user
 that is able to read/write the main directory of the module should be
 allowed to write/read it.
 The server would be started with the projected option
 '--security-module=windows' so it will search for the
 'rsyncwindowsserver.dll' on start.
 On the client side, with the same option, the 'rsyncwindowsclient.dll'
 would be loaded. If no username and password are given, the actual security
 token would be sent to the server as authentication, else the user and
 password given on the command line. The rsync daemon would call the
 'authenticate' function from the server DLL and, based on the answer of the
 function, it will allow or deny the client access and it would elaborate a
 welcome/error message.

 I would be pleased to receive comments, improvement ideas and criticism
 from you.
 Since I am a programmer, I would be delighted to help write this feature.

 Regards,
 Razvan
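
Added example, not part of the original message and not rsync code: a sketch of two checks a daemon would want around the proposed '--security-module' option, namely restricting the option value before it becomes a library name, and denying access whenever the module or its 'authenticate' result is anything other than a clear allow. The struct, function names, return convention and demo credentials are all assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical module interface: 1 = allow, 0 = deny, <0 = module error. */
typedef int (*auth_fn)(const char *path, const char *user, const char *cred);
struct security_module { const char *name; auth_fn authenticate; };

/* Map the option value to the library name used in the proposal
 * ("windows" -> "rsyncwindowsserver.dll"). Only [a-z0-9] is accepted, so the
 * value can never carry a path separator or "..". Returns 0 on success. */
int module_library_name(const char *name, char *out, size_t outlen)
{
    size_t i, n = name ? strlen(name) : 0;
    int w;
    if (n == 0 || n > 32) return -1;
    for (i = 0; i < n; i++) {
        char c = name[i];
        if (!((c >= 'a' && c <= 'z') || (c >= '0' && c <= '9'))) return -1;
    }
    w = snprintf(out, outlen, "rsync%sserver.dll", name);
    return (w < 0 || (size_t)w >= outlen) ? -1 : 0;
}

/* Fail closed: a missing module, a missing entry point, or any answer
 * other than exactly 1 results in the client being denied. */
int daemon_allows(const struct security_module *mod, const char *path,
                  const char *user, const char *cred)
{
    if (mod == NULL || mod->authenticate == NULL) return 0;
    return mod->authenticate(path, user, cred) == 1;
}

/* Stand-in module with constructed credentials, not a real credential check. */
static int demo_authenticate(const char *path, const char *user, const char *cred)
{
    (void)path;
    if (user == NULL || cred == NULL) return -1;   /* reported as module error */
    return strcmp(user, "backup") == 0 && strcmp(cred, "constructed-secret") == 0;
}

int main(void)
{
    char lib[64];
    struct security_module demo = { "demo", demo_authenticate };
    if (module_library_name("windows", lib, sizeof lib) == 0)
        printf("would load: %s\n", lib);
    printf("../evil accepted: %d\n", module_library_name("../evil", lib, sizeof lib) == 0);
    printf("backup allowed: %d\n", daemon_allows(&demo, "/data", "backup", "constructed-secret"));
    printf("module error allowed: %d\n", daemon_allows(&demo, "/data", NULL, NULL));
    return 0;
}
```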



