Hi guys,
I've been studying a little more in detail the format of the
trusts.cfg file, and I have some doubts that I'd like to share with
you.
1) The JSON format allows for defining more than one APC. Is this
actually possible? Would it make any sense? If so, how do you
configure the TR to use the different identities that it would have
for each one of the different APCs?
2) In the line of the first question, communities have a parameter
called "apcs", which is either a list of APCs or a empty value. Is
it possible that a community belong to several APCs? Or is this list
just required to represent the "empty" value in JSON (instead of,
for example, "")?
3) Idp_realms have a parameter called "apcs". Either if this allows
several values or just one, can't this value be obtained from the
communities' idp_realms sections? I mean, imagine I have defined
that the APC community has something as:
{
"apcs": [],
"community_id": "apc.example.org",
"idp_realms": [
"idp_realm1",
"idp_realm2"
],
"rp_realms": [
"rp_realm1"
],
"type": "apc",
"expiration_interval": 10
}
When it comes to define idp_realm1, it is obvious that it should
include "apc.example.org" on its "apcs" list.
Best regards,
Alejandro