Last updated: 
8 months 1 week ago
Group Manager
Project Moonshot is a Janet-led initiative, in partnership with the GÉANT project and others, to develop a single unifying technology for extending the benefits of federated identity to a broad range of non-Web services, including Cloud infrastructures, High Performance Computing & Grid infrastructures and other commonly deployed services including mail, file store, remote access and instant messaging. The goal of the technology is to enable the management of access to a broad range of services and applications, using a single technology and infrastructure. This is expected to significantly improve the delivery of these services by providing users with a common single sign-on, for both internal and external services. Service providers will be able to more easily offer their services to users from other organisations using a single common authentication mechanism. This will enhance the user’s experience, and reduce costs for those organisations supporting users, and delivering services to them. This group is for community of Moonshot users, whether you're new to the technology, you're currently evaluating and getting to grips with it, or you've deployed it. For the list of guidance available about Moonshot within this group, see the Start Here wiki page. Jisc Assent, the production service underpinned by the Moonshot technology, went live on 25th March 2015. For information on, or to join the Jisc Assent service, please visit

Trust Router v1.0 now available

6 September 2013 at 5:06pm

As announced at Trust Router 1.0 was officially released (and tagged in the git repository) this week. 

The following features have been added since the beta release:

  • The Trust Router checks COI and APC membership for both the rp_realm and target_realm in the received request.

  • The Trust Router checks the gss_name associated with an incoming connection and ensures that the rp_realm for each request on that connection matches an rp_permitted "accept" filter corresponding to that gss_name.

  • The TIDS running beside the IDP AAA Server now checks the gss_name on the incoming connection and will only accept incoming requests from a local Trust Router using the gss_name provided on the TIDS command line.

  • Improved error handling and reporting.

The above changes mean that a complete and consistent set of Trust Router configuration is now needed in order to get the Trust Router to work properly.

Please try out the new release and let us know at if you have any questions.