...
Once the user has successfully authenticated to the IdP, the IdP in turn responds to the Service via its RP proxy; it may provide information solely to acknowledge that a user authenticated correctly, or it may provide further information in the form of attributes such as name or membership information.
Trust Infrastructure
The trust infrastructure is usually managed by an NREN and consists of a classic hierarchical RADIUS network (such as eduroam) or a Moonshot-based Trust Router network (such as the Jisc Assent service). The trust infrastructure holds information on all RP Proxies and IdPs in the network, and introduces RP Proxies to IdPs on an as-needed basis to establish trust between the two parties. Once that introduction is made, the RP Proxy can speak to the IdP without any further interaction with the trust infrastructure until the trust expires, after which the next request from a user prompts another introduction cycle.
| Info |
|---|
For a much more detailed look at the various components, associated libraries, and protocols, see The Components of Moonshot under Advanced Information. |