MVC Authentication through WCF

In learning WCF, I'm a bit confused where to go to figure out how I should be handling user authentication. My MVC 2 app uses an Active Directory Membership Provider and this works and is good, but my MVC app doesn't really do anything but call my WCF services. My business logic on the other side of WCF is what really does everything (as it should be).

How should I be handling authentication with WCF开发者_运维技巧? Can I somehow have my MVC calls to my WCF services kinda impersonate my users' AD accounts or something? And yeah, I know I can do identity impersonation, but what is the right way to do something like this? My business logic is what needs to really do the heavy lifting when it comes to deciding what data and functionality a user can have.

We have decided to use the Identity Stack Propagation in iDesign's ServiceModelEx library. This allows us to track what user has logged in via Forms Authentication on the Service side without having to impersonate anybody.