2.8.1 Specifying Trust Inputs

See D5.4 section 3.2 "Installation and Configuration Instruction" for a full description of Trust Inputs, and in particular for how to specify policies that capture trust inputs.

The trust inputs are specified as discovery options, e.g.

  urn:tas3:trust:input:ctl1:policyid=ABC
  urn:tas3:trust:input:ctl1:ranking=avgfeedback
  urn:tas3:trust:input:ctl1:ranking=oct

where "ctl1" identifies the input as conformant to Combined Trust Language version 1 and "policyid=ABC", "ranking=oct", etc., are the trust-language-specific parameters.

The Discovery service will pass the discovery options to the Trust PDP as XACML environment attributes as follows:

    <xasp:XACMLAuthzDecisionQuery ID="RmQtc_SvgPVYANCPrELYfjl59"
                                  IssueInstant="2009-12-19T11:33:54Z"
                                  Version="2.0"
                                  xmlns:xasp="urn:oasis:xacml:2.0:saml:protocol:schema:os">
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</ds:Signature>
      <sa:Issuer xmlns:sa="urn:oasis:names:tc:SAML:2.0:assertion">http://sp.tas3.pt:8080/zxidservlet/sso?o=B</sa:Issuer>
      <xac:Request xmlns:xac="urn:oasis:names:tc:xacml:2.0:context:schema:os">
        <xac:Action>
          <xac:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
                         DataType="http://www.w3.org/2001/XMLSchema#string">
            <xac:AttributeValue>Show</xac:AttributeValue>
          </xac:Attribute>
        </xac:Action>
        <xac:Environment>
          <xac:Attribute AttributeId="urn:tas3:trust:input:ctl1:policyid"
                         DataType="http://www.w3.org/2001/XMLSchema#string">
            <xac:AttributeValue>ABC</xac:AttributeValue>
          </xac:Attribute>
          <xac:Attribute AttributeId="urn:tas3:trust:input:ctl1:ranking"
                         DataType="http://www.w3.org/2001/XMLSchema#string">
            <xac:AttributeValue>avgfeedback</xac:AttributeValue>
          </xac:Attribute>
          <xac:Attribute AttributeId="urn:tas3:trust:input:ctl1:ranking"
                         DataType="http://www.w3.org/2001/XMLSchema#string">
            <xac:AttributeValue>oct</xac:AttributeValue>
          </xac:Attribute>
        </xac:Environment>
        <xac:Resource>...</xac:Resource>
        <xac:Subject>...</xac:Subject>
      </xac:Request>
    </xasp:XACMLAuthzDecisionQuery>

Note that the policyid refers to a policy that has been pre-created at the Trust PDP and that expresses minimum values for the various trust parameters.
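
The mapping from discovery options to XACML environment attributes described above can be sketched as follows. This is an added example, not ZXID or TAS3 code: the function names, the decision to skip options outside the `urn:tas3:trust:input:ctl1:` prefix, and the absence of percent-decoding are assumptions. It keeps repeated options such as the two `ranking` values as separate attributes and leaves value escaping to the XML serializer.

```python
import xml.etree.ElementTree as ET

XAC_NS = "urn:oasis:names:tc:xacml:2.0:context:schema:os"
XS_STRING = "http://www.w3.org/2001/XMLSchema#string"
# Prefix as it appears in the option listing and the XACML query on this page.
TRUST_PREFIX = "urn:tas3:trust:input:ctl1:"

ET.register_namespace("xac", XAC_NS)


def parse_options(options):
    """Split 'name=value&name=value' into ordered (name, value) pairs.

    Repeated names are kept as separate pairs, never merged into one.
    Assumption: no percent-decoding, since the page does not describe any.
    """
    pairs = []
    for item in options.split("&"):
        item = item.strip()  # tolerate options wrapped before ampersands
        if not item:
            continue
        name, sep, value = item.partition("=")  # value may itself contain '='
        if not sep or not name:
            raise ValueError("malformed discovery option: %r" % item)
        pairs.append((name, value))
    return pairs


def options_to_environment(options):
    """Build an xac:Environment element holding the trust input options."""
    env = ET.Element("{%s}Environment" % XAC_NS)
    for name, value in parse_options(options):
        if not name.startswith(TRUST_PREFIX):
            continue  # assumption: only trust inputs are sent to the Trust PDP
        attr = ET.SubElement(env, "{%s}Attribute" % XAC_NS,
                             {"AttributeId": name, "DataType": XS_STRING})
        # The value is set as element text, so the serializer escapes markup.
        ET.SubElement(attr, "{%s}AttributeValue" % XAC_NS).text = value
    return env


if __name__ == "__main__":
    # Constructed input built from the option values shown on this page.
    sample = ("urn:tas3:trust:input:ctl1:policyid=ABC"
              "&urn:tas3:trust:input:ctl1:ranking=avgfeedback"
              "&urn:tas3:trust:input:ctl1:ranking=oct")
    print(ET.tostring(options_to_environment(sample), encoding="unicode"))
```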

In terms of API the values would be passed as follows (line has been wrapped before ampersands for readability):

  epr = tas3_get_epr(cf, ses, "urn:service:type", null,
        "urn:tas3:trust:ctl1:input:policyid=ABC
         &urn:tas3:trust:ctl1:input:ranking=avgfeedback
         &urn:tas3:trust:ctl1:input:ranking=oct",
        "Show", 1);

Calling tas3_get_epr() allows a user interface with trust scores to be presented. If this is not of interest, the discovery options can be given directly to the tas3_call() function:

  ret = tas3_call(cf, ses, "urn:service:type", null,
        "urn:tas3:trust:ctl1:input:policyid=ABC
         &urn:tas3:trust:ctl1:input:ranking=avgfeedback
         &urn:tas3:trust:ctl1:input:ranking=oct",
        null, "<Request/>");

One way to test trust negotiation from the command line is:

   ./zxcall -d -a https://idp.tas3.eu/zxididp?o=B bh:betty -t urn:tas3:karlsruhe:test:service-discovery-test::2010-01-21 -di 'urn:tas3:trust:ctl1:input:policyid=ABC&urn:tas3:trust:ctl1:input:ranking=avgfeedback&urn:tas3:trust:ctl1:input:ranking=oct' -e '<Request/>'