This is second part following the first part, ASP.NET: Authentication With SWT Token Using Windows Azure ACS and WIF Custom Token Handler, of the overall scenario that should answer the following question:
How I can flow security context of end user through tiers between ASP.NET web app and the downstream REST WCF service?
Just published code sample on MSDN Code Gallery for the REST WCF part. Bits are here:
It largely follows the instructions available here:
Next is to connect both parts and enable the scenario of flowing the security context of end user through the tier. The challenge will be to make the original SWT token that was issued for the front end ASP.NET web app available to the backend REST WCF service. Will outline in the third and final part of these series of blog posts.