Forms Authentication using WCF ServiceHost or Endpoint

I'm writing a WCF service for an ASP.NET site. I would like to protect my service.svc file so that it cannot be accessed. As a result, I am putting it in a Forms protected folder, like so:

http://www.myweb.com/admin/myservice.svc

I've tried using AuthenticationService, but there are too many touch points and it doesn't work with forms authentication.

Are there any better alternatives? Could there be a way to subclass the Binding or ServiceHost to perform the authentication and send an AuthenticationTicket back down the wire to the client? Interestingly, I'm using wsHttpsContext and it magically keeps track of the session without any work. There should be no reason it can't keep track of the authentication.

As an a开发者_C百科side, I'm really surprised that Microsoft hasn't put out a suitable solution to this problem. This is one of the most common questions about WCF.