An initial server responds to a request with a redirection object describing the a different server to which the request should be redirected, and providing additional information about authenticating to the other server. The redirection object includes a session check variable indicating whether a forms-based authentication process may need to be performed, a session URI through which the client may determine whether the client was previously authenticated to the other server, and optionally a forms URI through which the client may initiate a forms-based authentication process. If the session check variable indicates that the other server may require forms based authentication, and an authenticated session does not exist between the client and the other server, and the client has a forms URI for the other server, then the client opens a Web browser, and directs the Web browser to the forms URI to complete a forms-based authentication process.