The ActAs and OnBehalfOf SecurityTokenHandlersCollection cannot be modified from App.config

The ActAs and OnBehalfOf SecurityTokenHandlersCollection cannot be modified from App.config by godefroi

Active

Type:	Bug
ID:	777919
Opened:	1/30/2013 2:14:43 PM
Access Restriction:	Public

Workaround(s)

view

User(s) can reproduce this bug

In the documentation for the <securityTokenHandlers> element (http://msdn.microsoft.com/en-us/library/hh568671.aspx), it is stated that the "name" attribute can be used to specify SecurityTokenHandler types for the ActAs and OnBehalfOf collections. In practice, however, this does not work.

Details (expand)

.NET Framework 4.5

In the App.config, place the following section:

<system.identityModel>
<identityConfiguration name="idconf">
    <securityTokenHandlers name="ActAs">
     <add type="System.IdentityModel.Tokens.WindowsUserNameSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </securityTokenHandlers>
</identityConfiguration>
</system.identityModel>

When the application is started and configuration is loaded, the following error is given:

Unhandled Exception: System.ArgumentException: ID0005: The input 'configElement.ElementInformation.Properties' collection does not contain a property named 'ActAs'.

English

Windows 8

English

Unhandled Exception: System.ArgumentException: ID0005: The input 'configElement.ElementInformation.Properties' collection does not contain a property named 'ActAs'.
Parameter name: configElement
at System.IdentityModel.DiagnosticUtility.ThrowHelperConfigurationError(ConfigurationElement configElement, String propertyName, Exception inner)
at System.IdentityModel.Configuration.IdentityConfiguration.LoadHandlers(IdentityConfigurationElement serviceElement)
at System.IdentityModel.Configuration.IdentityConfiguration.LoadConfiguration(IdentityConfigurationElement element)
at System.IdentityModel.Configuration.IdentityConfiguration..ctor(String identityConfigurationName)
at System.IdentityModel.Configuration.SecurityTokenServiceConfiguration..ctor(String issuerName, SigningCredentials signingCredentials, String serviceName)
...

The supplied types are placed into the "ActAs" SecurityTokenHandlersCollection.

File Name	Submitted By	Submitted On	File Size
show_actas_bug.zip	godefroi	2/5/2013	3 KB

Posted by Microsoft on 2/7/2013 at 12:23 AM

Thanks for your update. We are rerouting this issue to the appropriate group within the Visual Studio Product Team for triage and resolution. These specialized experts will follow-up with your issue.

Posted by godefroi on 2/5/2013 at 9:25 AM

It turns out that you can manipulate the collection if you stick to the built-in types, but attempting to add a custom type to the collection triggers the error. I attached a project with a minimal reproduction recipe.

Posted by godefroi on 2/5/2013 at 9:03 AM

I apologize; I missed your earlier comment. I am narrowing down a minimal reproduction recipe as I write this.

Posted by Microsoft on 2/5/2013 at 1:57 AM

Hello,

Sorry for bothering. Is there any update?

It would be greatly appreciated if you could provide us with that information as quickly as possible.

Thank you!

Posted by Microsoft on 1/30/2013 at 10:15 PM

Thank you for submitting feedback on Visual Studio and .NET Framework. In order to efficiently investigate and reproduce this issue, we are requesting additional information outlined below.

Could you please give us a demo project to demonstrate this issue so that we can conduct further research?

Please submit this information to us within 4 business days. We look forward to hearing from you with this information.

Microsoft Visual Studio Connect Support Team

Posted by Microsoft on 1/30/2013 at 2:50 PM

Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly(http://support.microsoft.com)