= HW06: Security, Authentication and Authorization =

First read [[https://msdn.microsoft.com/library/ff405740.aspx|this page]] both part 1 and 2.  Implement scenario 3 for your movie database as follows:

 * Security: TransportWithMessageCredential (Scenario 3)
 * Credential Type: Username
 * Authorization: Role-based using ASP.NET role management

Because we don't want users to edit movies, we are going to allow them to create and read, but not update and delete. Create a Users role for this and a Managers role for those who have all operations. When you are done, you will need to add a way to pass credentials to the users.

== Notes: ==

When I got to "Configure Membership and Roles" I hit a brick wall and had to look elsewhere for tools to complete this task. It looks like [[https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-use-the-aspnet-membership-provider|this website]] might work for us. Since the code is not available for the login, I used [[https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-authenticate-with-a-user-name-and-password|this website]].