If you store role information in Windows Groups, consider using the WCF PrincipalPermissionAttribute class for roles authorization
Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen
Map Windows groups to WCF service methods using the WCF PrincipalPermission attribute. Incoming client username credentials will be mapped to its associated Windows groups. Service method access will be granted to user if the user is a member of the group associated
with the service method being called.
The following example demonstrates how the WCF service “Add” will only run for users belonging to the “CalculatorClients” Windows group.
// Only members of the CalculatorClients group can call this method.
[PrincipalPermission(SecurityAction.Demand, Role = "CalculatorClients")]
public double Add(double a, double b)
return a + b;