I'm tasked with looking at Geneva Server for our existing [and future] application integration. A brief overview of the scenarios showing the common tiers with transport/messaging type between each:

WAN : Client (Silverlight) -> (basicHTTP [HTTPS]) > Services Layer (.NET 3/WCF) -> (in process .NET Remoting with SSPI) > Business Logic -> (DCOM [cloaked]) > Application Engine
LAN : Client (.NET) -> (.NET Remoting with SSPI) > Business Logic -> (DCOM [cloaked]) > Application Engine

Both the 'Business Logic' and 'Application Engine' tiers require the security context of the call to be that of a local Windows domain user. The 'Client' is external to the application's security domain and need not be a Windows host. Note that the 'Client (Silverlight)' tier could equally be a Web tier (IIS) with its own HTML-based front end. Presently we request domain credentials in the 'Client (Silverlight)' application and pass them to the server, which performs a logon user per operation. When the tiers described are on different physical hosts there is a necessity to use Kerberos configured for delegation. This ensures that our cloaked token reaches the 'Application Engine' with the context of the user who initiated it ('Client (.NET)' in the above example).

How would the Geneva Server assist in getting the call context to what I'd expect (need) it to be? If the user at 'Client (Silverlight)' was logged in as 'remoteuser', how could I get the security context of the call to be 'localuser' when the operation is invoked?

From what I've read on Geneva, in order to get two domains to work I'd have to establish a trust between them. Is this always the case? What happens if one of the security domains isn't Windows?

I'd be grateful if someone could shed some light on the above and perhaps point me in the direction of some docs/samples. Thanks in advance!