Silverlight - How to consume a WCF service from the client with windows authentication

I have a silverlight 4 application and I need the client to consume a WCF service secured with SSL and using windows authentication. Only members of a certain active directory group should be able to call the WCF service.

Here is my web.config. With the current configuration anyone can call the WCF service. what should be the correct values?

Thanks, Kruvi

<configuration>

  <system.diagnostics>

  </system.diagnostics>



  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <customErrors mode="On" defaultRedirect="~\Errors\Error.htm">
      <error statusCode="404" redirect="~\Errors\404.htm"/>
    </customErrors>
  </system.web>

  <connectionStrings>

  </connectionStrings>

  <system.serviceModel>

    <diagnostics>

    </diagnostics>


    <extensions>
      <behaviorExtensions>
        <add name="silverlightFaults"
             type="ZCUtils.SilverlightFaultBehavior, ZCUtils, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
      </behaviorExtensions>
    </extensions>

    <behaviors>
      <endpointBehaviors>
        <behavior name="SilverlightFaultBehavior">
          <silverlightFaults />
        </behavior>
      </endpointBehaviors>

      <serviceBehaviors>
        <behavior name="ZCBehavior">
          <serviceMetadata httpsGetEnabled="true" />          
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>

    </behaviors>

    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBindingSsl" maxReceivedMessageSize开发者_开发技巧="2147483647" maxBufferSize="2147483647">
          <security mode="Transport" />
        </binding>
      </basicHttpBinding>        
    </bindings>

    <serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />

    <services>
      <service name="ZC.Web.Services.ZCServices" behaviorConfiguration="ZCBehavior">
        <endpoint address="" behaviorConfiguration="SilverlightFaultBehavior"
          binding="basicHttpBinding" bindingConfiguration="BasicHttpBindingSsl"
          contract="ZC.Web.Services.ZCServices" />
      </service>
    </services>

  </system.serviceModel>
</configuration>

The following article shows how to secure a WCF service with Windows auth for Silverlight clients:

http://msdn.microsoft.com/en-us/library/dd744835(v=vs.95).aspx

This article talks about using the PrincipalPermissionAttribute, which will allow you to restrict with groups can call a particular service operation:

http://msdn.microsoft.com/en-us/library/ms731200.aspx