How does one go about transforming the audienceUris and federatedAuthentication elements in the microsoft.identitymodel configuration section using the standard Visual Studio web.config transforms?
For the development environment, we have all the subdomains postfixed with a '-dev' along with special localhost port numbers, for example: realm="https://client-dev.domain.com:444". Today the main web.config reflects this but ideally we would like to move this setting to Web.Debug.config and in the Web.Release.config we would like to specify the proper audience and realms sans the '-dev' postfix and the local port settings. However, attempting to put xdt:Transform="Replace" in the microsoft.identitymodel element inside the Web.Debug.Config results in this warning:
The 'http://schemas.microsoft.com/XML-Document-Transform:transform' attribute is not declared.
and of course runtime failures (not being able to find servicecertificate for example).
Here's the microsoft.identitymodel sections:
<configuration>
  <configSections>
    <section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
  </configSections>
  <microsoft.identityModel>
    <service>
      <applicationService>
        <claimTypeRequired>
          <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" optional="false" />
          <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="false" />
        </claimTypeRequired>
      </applicationService>
      <serviceCertificate>
        <certificateReference x509FindType="FindByThumbprint" findValue="NNNNNNNNNN" storeLocation="LocalMachine" storeName="My" />
      </serviceCertificate>
      <certificateValidation certificateValidationMode="None" />
      <audienceUris>
        <add value="https://url/" />
      </audienceUris>
      <federatedAuthentication>
        <wsFederation passiveRedirectEnabled="true" issuer="https://url/" realm="https://url/" requireHttps="true" />
        <cookieHandler requireSsl="true" />
      </federatedAuthentication>
      <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
        <trustedIssuers>
          <add thumbprint="NNNNNNNNNN" name="https://url/" />
        </trustedIssuers>
      </issuerNameRegistry>
    </service>
  </microsoft.identityModel>
</configuration>
Existing solutions that don't work:
1) The same issue was raised here but got no proper response. The RemoveAll and Insert don't work: Web config transform on microsoft.identityModel - 'http://schemas.microsoft.com/XML-Document-Transform' attribute is not declared
2) Also, tried to manipulate the namespace as suggested on this thread and this doesn't work either: http://social.msdn.microsoft.com/Forums/en-US/csharpgeneral/thread/9ededb66-3e34-4bba-8e20-a2cc6025f0f9
3) configSource looked promising but again doesn't work when specified in the microsoft.identitymodel element. I get:
Warning 1 The 'configSource' attribute is not declared.
http://blog.andreloker.de/post/2008/06/16/Keep-your-config-clean-with-external-config-files.aspx
Any help will be appreciated! Thanks.
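Whichever mechanism ends up producing the release configuration, the published Web.config can be checked for leftover development values before deployment. The following is an added example, not part of the original post: a Python check over the audienceUris and wsFederation settings shown above. The host names other than client-dev.domain.com, the function names, and the rule that the realm should appear in audienceUris (typical when the STS scopes tokens to the realm) are assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: a "release" Web.config whose audience still has the dev host and port.
SAMPLE_LEAKY = """<configuration>
  <microsoft.identityModel>
    <service>
      <audienceUris>
        <add value="https://client-dev.domain.com:444/" />
      </audienceUris>
      <federatedAuthentication>
        <wsFederation passiveRedirectEnabled="true" issuer="https://sts.domain.com/"
                      realm="https://client.domain.com/" requireHttps="true" />
        <cookieHandler requireSsl="true" />
      </federatedAuthentication>
    </service>
  </microsoft.identityModel>
</configuration>"""

def dev_marker(url):
    """Return why a URL looks development-only, or None if it looks clean."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if host == "localhost" or host.split(".")[0].endswith("-dev"):
        return "development host"
    if parts.port is not None:
        return "explicit port"
    return None

def check_release_config(xml_text):
    """Return a list of findings for the audienceUris / wsFederation settings."""
    root = ET.fromstring(xml_text)
    section = next(root.iter("microsoft.identityModel"), None)
    if section is None:
        return ["microsoft.identityModel section missing"]
    findings = []
    audiences = [a.get("value", "") for a in section.findall("service/audienceUris/add")]
    urls = [("audienceUris", v) for v in audiences]
    ws = section.find("service/federatedAuthentication/wsFederation")
    if ws is None:
        findings.append("wsFederation element missing")
    else:
        urls += [("realm", ws.get("realm", "")), ("issuer", ws.get("issuer", ""))]
        if ws.get("realm") not in audiences:  # assumption: tokens are scoped to the realm
            findings.append("realm is not listed in audienceUris")
    for name, url in urls:
        reason = dev_marker(url)
        if reason:
            findings.append(f"{name}: {reason} in {url}")
    return findings
```

Run it against the transformed file in the publish output and fail the build when the returned list is not empty.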