Authenticating to a WCF service

There seems to be a plethora of resources out there on how to do this, but I haven't really been able to find anything to exactly do what I want to do. I'm trying to create a WCF web service that will require users to authenticate to be able to do anything (call methods, see WSDL, etc.). The authentication would be a custom piece I would write to connect to our LDAP server. I'd like to use forms authentication as I don't want the client to have to re-authenticate on each request. I'd like the service to just send a Forms Auth ticket cookie to the client which the client c开发者_高级运维an send back for future requests (I'm ok with kludging this for client environments that don't support cookies, e.g. mobile app). However, on the service side I need to be able to in memory store data for each user that keeps a cached copy of the user's authentication groups (to avoid making repeated calls to the LDAP server), that could be easily looked up using just the Forms Auth ticket. I'm fairly new to WCF and Forms Authentication so I would appreciate it if you wouldn't skip over the "simple" things. Thanks!

It seems to me that you need to setup a Secure Token Service (STS) that will take care of the authentication. A STS can expose an LDAP or SQL table if you like.

Other alterantives can be Windows Azure ACS that allow you to federate against many different identity providers like Facebook and Google.

If your authentication source is Active Directory, then ADFS is the way to go.