I have a WCF service that will have its own app pool, and the pool will need to execute as a specific domain account. The service will be accessed from an ASP.NET app on the same server. Both will use Windows authentication, but I want to limit access to the service and the app to a specific domain group.
Are .NET authorization rules what I need to look at?
Will the request from the web app to the WCF service come in with the user's credentials or as "network service"?
I won't want to set a specific identity on the app pool for the web app.