We are looking at creating a solution using SharePoint Foundation 2010 with forms-based authentication. The application will access business data by consuming a number of web services via SharePoint's business connectivity service.
Both the web service and SharePoint will have access to the same database containing the user data for authentication however the web service will contain much of the business logic and auditing etc.
My question is if we use Passthrough authentication for the BCS against the web services how does the web service access the username (and optionally any other credentials) that was passed through? Is Passthrough even the right option to use here?
I've been hunting around MSDN and various other sites but cannot find details of how the web service accesses the user details.