I have two deployments (webroles) of the same WCF service hosted as Azure Cloud services: http://myservice1.cloudapp.net, http://myservice2.cloudapp.net. Each of those is configured to use ACS authentication. I've configured WATM (Traffic Manager) to load-balance between those two webroles. When calling each of those services directly, everything works just fine. However, when the client calls through the WATM endpoint, it gets the following error message:
ID3242: The security token could not be authenticated or authorized.
The ACS namespace has all three URLs configured as realms.
Thanks in advance.