I didn't find any ways to do this just in the code. I ended up following this method
http://msdn.microsoft.com/en-us/library/ms972958.aspx
and slightly modifying it. It makes some changes in the settings in IIS through the grphical interface. I also didn't want forms authentication and so I changed it to None for authentication and I put some code in my master page to check a cookie and redirect to a page that can check the browser type with javascript and then redirect to the autologin or login page. I don't like that this method means I have to manualy make changes in IIS because this will add alot of time to setting up the web site when it has to be added on new servers, but this is the only way I could find.
This so far has let me do everything I have ever wanted to be able to do but couldn't with the normal authentication methods (add session count down timer, check session variables from service, combin active directory and custom authentication, notify user if they login from multiple locations) but it has taken a lot more coding and testing to get it working than I thought it would. And I will still be doing a lot more testing before I am happy that it will work correctly once real users start to use it. So if anyone has any suggestions for another way this could be done I would still be interestead in what other ways this could be done.
