In learning WCF, I'm a bit confused where to go to figure out how I should be handling user authentication. My MVC 2 app uses an Active Directory Membership Provider and this works and is good, but my MVC app doesn't really do anything but call my WCF services. My business logic on the other side of WCF is what really does everything (as it should be).
How should I be handling authentication with WCF? Can I somehow have my MVC calls to my WCF services kinda impersonate my users' AD accounts or something? And yeah, I know I can do identity impersonation, but what is the right way to do something like this? My business logic is what needs to really do the heavy lifting when it comes to deciding what data and functionality a user can have.