How do I limit a function's callers to a particular logged-in user or role using WWSAPI?

I've been using http://blogs.msdn.com/b/haoxu/archive/2008/12/02/wwsapi-to-wcf-interop-nettcpbinding-with-transport-security.aspx as a guidelines on how to implement a secure connection using Windows Authentication. The next step for me is to use this to limit approved callers to either a login or a role/Windows group. I haven't been able to find out how to do this through the code samples I've found, so I'm wondering if anyone else has successfully implemented this.

开发者_如何学PythonThanks for any help forthcoming.

Edit: I'm basically looking for the equivalent of C#'s PrincipalPermission attribute.

After further investigation this isn't possible with WWSAPI.