http://ayende.comAyende @ RahienCopyright (C) Ayende Rahien 2004 - 2021 (c) 202660Hmm, turns out the problem was different :) It's that I never actually set the Forms cookie because Session_start doesn't fire again when the user is authenticated after 401 response, so I'm getting redirected to Login page even though 401 part does work. I guess that could be done on every request (check session variable for being set/set up applicarion specific session stuff if it's not set), buit it's kinda ugly, is there a better solution that you used? http://ayende.com/2748/mixed-mode-authentication#comment3http://ayende.com/2748/mixed-mode-authentication#comment3Tue, 11 Sep 2007 11:22:26 GMTHi. Where do yu attach the HTTP module so that it would override the FormsAuthentiction module? I clear response and send 401 in PreSendRequestHeaders, but it still redirects me to login page. http://ayende.com/2748/mixed-mode-authentication#comment2http://ayende.com/2748/mixed-mode-authentication#comment2Tue, 11 Sep 2007 09:07:11 GMTThat is pretty cool man, can you post all the code that you created so other people can use it? http://ayende.com/2748/mixed-mode-authentication#comment1http://ayende.com/2748/mixed-mode-authentication#comment1Fri, 31 Aug 2007 00:18:09 GMT