I have this existing environment:

1) ASP.NET 3.5 web application

2) forms authentication with the SqlMembershipProvider

I need to add the following:

1) a Silverlight charting object embedded in a web page.

2) a WCF service to be consumed by:

 a) the Silverlight component embedded in an authenticated 
       web page, as mentioned above

 b) server-based WCF clients with certificate based authentication

My question is – what is the easiest/best way to configure the WCF endpoints for the Silverlight object to authenticate to the WCF service using the security context of the already logged-in user (via the page that’s hosting the Silverlight object) without having to use the user’s username/password again?

I’ve researched a lot of the MSDN and Patterns & Practices material and I thought I had a decent grasp of many of the potential authentication scenarios. But I can’t seem to figure out a way to tie them together for the scenario I’ve outlined. I’ve found other people posting similar questions to mine but none of the answers I’ve read seem to fully answer their questions either. (Maybe I’m making this harder than it needs to be?)

I would think that the solution would be to somehow use the authentication token/cookie generated in the asp.net form login and somehow pass that to the Silverlight object which then includes it in the WCF request. But I don’t see how to configure the WCF endpoint to use that token.

(In some of my other projects I’ve implemented the server-to-server scenario in 2.b above using certificate-based authentication, so I’m not too worried about adding that to the current mix I’ve outlined.)

Thanks in advance for any insight or pointers to the path forward.

Terry