- WCF Impersonation - Specifying Windows Authentication Credentials on the Service Host Side of the WCF
***************************************************************************************
I was searching for Windows Authentication for WCF Service, Every where people discussed the authentication from client not on service but I was not really interested from client, I had to do the service side authentication based on impersonated User Id and I couldn't found the best approach to do this.

I found one solution which I would like to share with you in four easy steps as below.

Step 1: Turn aspNetCompatibilityEnabled="true" under system.serviceModel.
This value defaults to “false” if not specified. Setting this value to “true” indicates that all WCF services running in the application run in ASP.NET Compatibility Mode.

Step 2: Add the System.ServiceModel.Activation namespace in your service implementation class.

Step 3: put the AspNetCompatibilityRequirementsAttribute on service Implementation class.

Because ASP.NET Compatibility Mode implies request processing semantics that are fundamentally different from the WCF default, individual service implementations have the ability to control whether they run inside of an application for which ASP.NET Compatibility Mode has been enabled. Services can use the AspNetCompatibilityRequirementsAttribute to indicate whether they support ASP.NET Compatibility Mode.

[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class ProductService : IProductService
{

//Implement calculator service methods
}

Step 4: End point binding should be basicHttpBinding like this.

endpoint address="" binding="basicHttpBinding" contract="ProductService.IProductService"

and under system.web put the Authentication code as below .
authentication mode="Windows"

authorization
allow users="Domain\UserName
deny users="*"
authorization

******************************************************************
 -  How to access the operation contract from client.
********************************************************************

The three steps below will walk you how to access the operation contract.

Step 1: Create the proxy instance like this.

ProductService myservice = new ProductService();

Step 2: put this code once you create the instance of proxy class.
myservice.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;

Step 3: Change Security mode to TransportCredentialOnly on client web.config file otherwise it will show authorization error.

Enjoy :)