I currently have an IHttpModule that is doing some custom forms authentication to authenticate a user with my single sign on server. After redirecting back from my SSO server, I get a bunch of information about the user. I’d like to store this in the Session as opposed to the FormsAuthenticationTicket because the amount of data is large. However, in the AuthenticateRequest event it does not appear that the session is setup yet. Is there a good way around this or a better way to store the data. I’m also not thrilled about the fact that the session and FormsAuth data would necessarily be in sync time-wise so I’m open to all suggestions.