How to authorize users against Windows groups
Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen
Map Windows groups to WCF service methods using the WCF PrincipalPermission attribute. Incoming client username credentials will be mapped to the associated Windows group. Service method access will be granted to a user only if they are a member of the group
associated with the service method being called.
The following example demonstrates how the WCF service “Add” will only run for users belonging to the “CalculatorClients” Windows group.
// Only members of the CalculatorClients group can call this method.
[PrincipalPermission(SecurityAction.Demand, Role = "CalculatorClients")]
public double Add(double a, double b)
return a + b;