I will be hosting a basic HTTP WCF service using Window Service / Service Host. I would like to limit the service to 2 specific window active directory users and these accounts will vary between PRD and DEV environments so they will be set in a config file.
I was wondering what is the best way to do this, I know normally if I was hosting the service using IIS then I could limit it in the Web.config: http://www.rickgaribay.net/archive/2007/04/04/recipe-wcf-basichttpbinding-with-windows-authentication.aspx However since i'm hosting using ServiceHost then I don't believe this is an option.
From what I read it seems possible to do this using PrincipalPermission Declarative attribute at the service class level: http://msdn.microsoft.com/en-us/library/vstudio/ms731200(v=vs.100).aspx However I'm not too clear whether this will pass the window account of window service or the account which made the HTTP request. What I need is to pass the HTTP request account. Also, with declartive attributes, is it possible to use a config file attribute rather than a hard coded one?
Any suggestions, if you need any more info then let me know.