Authorization attribute for an WCF webservice ASP.Net C# 4.0

Part of the team has created a WCF web service, and I have to protected it by using Asp.Net Roles. I have thought in a number of possibilities, like creating an authoriz开发者_开发知识库ation attribute (similar to the one in the MVC framework) but I feel completely lost. Anyone any idea where to start?

Any response is appreciated. Thanks

I use a custom UserNamePasswordValidator to secure WCF services.

Check this blog post: http://codebetter.com/petervanooijen/2010/03/22/a-simple-wcf-service-with-username-password-authentication-the-things-they-don-t-tell-you/

I think you should use a Custom Role Provider. It can be used manually from the code or using PrincipalPermissionAttribute. When WCF service method is decorated with the attribute your Role Provider will be used (it should be defined in web.config file) in order to authorize the user