NET web application and a WCF Application that share the same ASP.NET membership database. They are both sharing the same ASP.NET membership database.
It is basically like:
WCF: is https://ServerName/Services.svc ASP.NET: is https://ServerName/Default.aspx
(both are two virtual folders in the same web application and both are using the same ASP.NET membership database).
The user logs on to the ASP.NET application and can then decide to call the WCF service.
What are my options for setting the security for the call between the ASP.NET and the WCF service that make the call using the credentials supplied by the user when logging to the ASP.NET application?