This week's book giveaway is in the OCAJP forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide 1Z0-808 and have Jeanne Boyarsky & Scott Selikoff on-line! See this thread for details.
I am definitely not an expert on SASL, and it seems to me a rather specialized issue. It is a protocol that allows client and server to negotiate an authentication mechanism. SASL is used by LDAPv3 and IMAP. However, if all you want is talk to LDAP or IMAP servers, then you need not worry about SASL--the JNDI and JavaMail APIs have the necessary plumbing built-in. You would worry about SASL if you wanted to implement your own client and server application and have the benefits of the SASL protocol. According to http://java.sun.com/j2se/5.0/docs/guide/security/sasl/sasl-refguide.html, SASL is more lightweight than using SSL or Kerberos (via Java GSS).