Have configured WCF service to implement authentication using AD(Active Directory), when a request comes from the client it is authenticated aginst active directory and either allow access or deny based on the credentials passed to the service.
Authorization using ASP.NET Role provider
Have implemented the method level authorization using SecurityPermission attribute, which checks the role data in ASP.NET Services database( in other words Membership database) against aspnet_roles, aspnet_Users_InRoles tables to allow / deny access to particular
It works well with single instance of service, where the request is from mutliple client applicaitons.
In the above implementation, WCF service is configured to use ASP.NET Membership database to implement authorization to authorize access to particular methods.
Would like to know if it is feasible/best practice to utilise the same instance of ASP.NET Membership databse to implement Role based authorization on number of WCF services.