Earlier while discussing WIF, it was stated that it is difficult for Azure roles to communicate with the active directory, as the roles are not connected to the domain.
If it is a requirement that you use standard windows authentication within the application, then it may be possible to use Azure Connect. Azure Connect allows a Virtual Private Network (VPN) connection between Windows Azure and your corporate environment. It will also allow you to connect the roles to your domain. There is not much guidance to support this scenario, but a good place to start researching is on the Azure Connect team blog at the following address:
However, it is highly recommended that you research using Azure ACS first, as the Azure Connect solution has limitations, such as it also requires the users to be within the corporate network or connected to the VPN.