I have a simple WCF Service hosted on IIS 8 that uses wsHttpBinding. I want to be able to control wich users (domain accounts) have access to the service. How can I do that? Perhaps there are several ways to do this. Can I define the accounts in the web.config file or do I set this up in IIS?
You can use PrincipalPermission to control it.
Check out this answer: WCF security with Domain Groups
And here you can catch up on msdn: http://msdn.microsoft.com/en-us/library/ms735093(v=vs.110).aspx