Authorization and Authentication using WCF

What are the best practices for handling security i.e. Authorization and Authentication in Web Application?

I am working on a web application, using WCF as SOA, there are more chances that in future individual component in my application can be integrated with some third party application. I am looking for a solution by which I can handle Authorization and Authentication for my application using internal approach of my application as well as i can use interface provided by some third party application for authorization and authentication.

From stackoverflow

• We are currently looking at the Microsoft Geneva framework for exactly this (plus our other SSO requirements). Looks very nice.

  http://msdn.microsoft.com/en-us/security/aa570351.aspx

• See What is some good WCF/web services security reading?