I'm looking for a tutorial/advice on setting up a Name/Password dialog that would authorize users to access my WCF service. I'm very green at this - I've set up a WCF service, but I've never done any sort of security/authorization before. My website is all based in HTML/Javascript on the client side. On the server, there are WCF services that read from a database and store user info to a database. I don't mind if unauthorized people can see the HTML and Javascript, but I don't want them accessing the WCF services. My thoughts right now are to have every method in my service require username/password parameters and store that information either in a cookie or as a variable in JavaScript. If I do that and have the website accessed via HTTPS, would it be secure?
