My question is in regards to the best (aka "least painful") way to secure access to a WCF service that is only exposed to our company's internal users. The goal is to ensure
If this is going to be an application that lives on the intranet it might be easiest to just create a new group in your Active Directory and only give members of that group the ability to use the service.
You can add authentication (using Windows credentials) with something like this:
You could then authorise by decorating the interface to your service's methods:
_
Public Function MyMethod() As String Implements IService.MyMethod
Here's a good link to Security in WCF. It has lots of How To's at the end (the one titled 'How To - Use basicHttpBinding with Windows Authentication and TransportCredentials' might be of use to you).
WCF Security
[Disclaimer: I'm also new to WCF and haven’t done this exact case before, so apologies if this is slightly off!]
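The two steps described in the answer above (Windows authentication on the binding, then authorization by AD group), shown as an added self-hosted example that is not part of the original answer. The group name `CONTOSO\MyServiceUsers` and the endpoint address are placeholders, and the role demand is placed on the implementing method.

```vb
Imports System
Imports System.Security.Permissions
Imports System.ServiceModel

<ServiceContract()> _
Public Interface IService
    <OperationContract()> _
    Function MyMethod() As String
End Interface

Public Class Service
    Implements IService

    ' Placeholder group: replace CONTOSO\MyServiceUsers with the AD group
    ' created for this service. A caller outside the group fails the demand
    ' with a SecurityException and never reaches the method body.
    <PrincipalPermission(SecurityAction.Demand, Role:="CONTOSO\MyServiceUsers")> _
    Public Function MyMethod() As String Implements IService.MyMethod
        ' Identity established by Windows authentication on the transport.
        Dim caller As String = ServiceSecurityContext.Current.WindowsIdentity.Name
        Return "Hello, " & caller
    End Function
End Class

Module Program
    Sub Main()
        ' Authentication: Windows credentials over plain HTTP. This mode
        ' authenticates the caller but does not encrypt traffic; use
        ' BasicHttpSecurityMode.Transport with an https address for that.
        Dim binding As New BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly)
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows

        ' Placeholder address; self-hosting on HTTP needs a URL reservation
        ' (netsh http add urlacl) or an elevated process.
        Dim host As New ServiceHost(GetType(Service), New Uri("http://localhost:8080/MyService"))
        host.AddServiceEndpoint(GetType(IService), binding, "")

        ' Authorization: resolve roles from the caller's Windows groups so the
        ' PrincipalPermission demand above is checked against AD membership.
        ' UseWindowsGroups is the default; it is set here to make it explicit.
        host.Authorization.PrincipalPermissionMode = _
            System.ServiceModel.Description.PrincipalPermissionMode.UseWindowsGroups

        host.Open()
        Console.WriteLine("Listening. Press Enter to stop.")
        Console.ReadLine()
        host.Close()
    End Sub
End Module
```

Removing a user from the group revokes access the next time that user authenticates, with no change to the service itself.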