I've seen solutions where you can restrict access in WCF using the membership in asp.net.(How do I restrict access to some methods in WCF?) But i'm wondering if there is anything similar using the FormsAuthenticationTicket.

I don't have the Membership configured on my site, and i'm using the FormsAuthenticationTicket and methods in WCF to log in and so on.

The WCF-Service is not configured to use SSL YET, because the man i work for have not bought a cert trough our hosting company(don't know if relevant)

The main thing is that i need to protect my some methods in my WCF-Service from unauthorized access, and if theres another simpler solution i would love some input on that to.

I'm very new to WCF and security overall, but familiar in ASP.NET and C#. I would love for some pedagogical answers, and not just a solution or ideá

UPDATE: Some pastebin links for my solution:

wcf.svc http://pastebin.com/S3bTPKaV

wcf webconfig: http://pastebin.com/Pshf7STz

Client Webconfig: http://pastebin.com/QY9252mB

This is possible and is commonly used - you have to guard your calls with the principal permission requirement.

Here is one of tutorials by myself

http://netpl.blogspot.com/2010/04/aspnet-forms-authentication-sharing-for.html

Don't let the title mislead you, this is not not only about Silverlight but any other way of accessing the WCF service that is capable of carrying cookies.