如何使 SecurityTokenServiceConfiguration 从 app.config 加载配置信息

我正在使用.NET 4.5中包含的WIF框架创建一个STS。我正在使用WSTrustServiceHost类自托管此STS（目前）。为此，我正在执行以下操作：

var conf = new SecurityTokenServiceConfiguration("isser name here", true)
{
    DisableWsdl          = true,
    SecurityTokenService = typeof(MyTokenService),
};
var ct   = new WSTrustServiceContract(conf);
var host = new WSTrustServiceHost(ct);
host.Open();
// ...

如您所见，我true传递给 SecurityTokenServiceConfiguration 构造函数的 loadConfig 参数，文档说：

如果为 true，则从配置文件加载设置;否则为 false。

我的配置文件中有一个identityConfiguration元素，但它似乎没有加载。我可以对配置文件进行更改，例如我可以更改securityTokenHandlers，而这些更改不会反映在构造的SecurityTokenServiceConfiguration中。

在我的 app.config 文件中，我有以下内容：

<system.serviceModel>
    <behaviors>
        <serviceBehaviors>
            <behavior name="sts_behavior">
                <serviceCredentials useIdentityConfiguration="true" identityConfiguration="the_issuer_id">
                    <serviceCertificate findValue="7A5D7EB05EC741E45BF4EDA7E574F58DC31EF290" x509FindType="FindByThumbprint" storeName="My" storeLocation="LocalMachine" />
                </serviceCredentials>
            </behavior>
        </serviceBehaviors>
    </behaviors>
    <bindings>
        <ws2007HttpBinding>
            <binding name="sts_binding">
                <security mode="Message">
                    <message clientCredentialType="UserName" />
                </security>
            </binding>
        </ws2007HttpBinding>
    </bindings>
    <services>
        <service name="System.ServiceModel.Security.WSTrustServiceContract" behaviorConfiguration="sts_behavior">
            <endpoint address="http://my-machine:54512/tokens" binding="ws2007HttpBinding" contract="System.ServiceModel.Security.IWSTrust13SyncContract" bindingConfiguration="sts_binding" />
        </service>
    </services>
</system.serviceModel>

如您所见，<serviceCredentials> 元素是指配置文件中存在的 <identityConfiguration> 元素，如果我将此名称更改为与该<identityConfiguration>元素不匹配，则在打开服务主机时会引发错误。但是，仍然没有使用此<identityConfiguration>元素，因为我可以<clear/>安全令牌处理程序，并且在收到请求时仍使用令牌处理程序。

如何使用最少的编程配置来配置和自托管自定义 STS？

//
// Summary:
//     Initializes a new instance of the System.IdentityModel.Configuration.SecurityTokenServiceConfiguration
//     class that has the specified issuer name and signing credentials. Settings
//     are loaded from the specified named configuration.
//
// Parameters:
//   issuerName:
//     The issuer name. Sets the System.IdentityModel.Configuration.SecurityTokenServiceConfiguration.TokenIssuerName
//     property.
//
//   signingCredentials:
//     The signing credentials for the STS. Sets the System.IdentityModel.Configuration.SecurityTokenServiceConfiguration.SigningCredentials
//     property.
//
//   serviceName:
//     The name of the <identityConfiguration> element from which the configuration
//     is to be loaded.
public SecurityTokenServiceConfiguration(string issuerName, SigningCredentials signingCredentials, string serviceName);