I've been trying for a way to merge the two worlds of XHR and ASP.NET authentication. Talk about a foot in each camp! I keep getting close, and then it slips away from me again. The power to rebiuld the HTTP processing pipeline would seem to provide a lot of power, yet the otherwise-closed source of FormsAuthenticationModule keeps getting in the way. The insertion of an HttpModule allowing me to intercept its attempts at redirect seemed like the answer, but so far it blindly proceeds anyway.
its late, hopefully I'm just screwing up something.