FederationMetadata.xml Publish Process

Question

We are updating an ASP.NET Web Site project that uses ADFS 2.0 Authentication to use the one click "Publish Web Site" deployment process. We currently have three different FederationMetadata.xml files for each environment (dev, test, prod). How do we publish these files to each environment?

We use the web config transformation files for the web.config file. But I do not believe this can be used for xml files? From the searches that I have done I found two possible responses to this, neither seem very good. First one says to delete the FederationMetadata file and manually configure ADFS 2.0 (How do I change my WCF's FederationMetadata.xml file for various deployments?). We could do this but it seems like a step backwards. The second involves creating a dummy FederationMetadata file and populating it in the global.asax.cs file. (How to deploy asp.net web application to development team via TFS when setting up ADFS authentication). This approach seems very hackish and hardly the recommended approach.

Is there a recommended approach for this? Is there something obvious that I am not seeing? Any thoughts on this would be much appreciated!

Answer 1

If you indeed did manage to get the web.config correct then you can generate the metadata on the fly (per request). Same code for all environments. No need for the static file.
In telegram style just for the class names: For a Forms ASP.NET application it would be an HttpHandler (for MVC a controller). In the handler you must build a ApplicationServiceDescriptor, and use a MetadataSerializer to spit out the XML. Fill it with the info from FederatedAuthentication.WSFederationAuthenticationModule (which has obtained it from web.config).