>What is happening here is that the user has entered all of the data, pressed the price button, the click event fires, the VFP dll loads, the session gets wiped out, the page is resubmitted after servicing the click event, we hit the onInit, the session is null, we redirect to the logon, they log in again, we go back to the order form, which now sees the !IsPostback as true, which repaints the form as a new post, which wipes out the request data the user has already entered.
>
I am not following all the events you describe, but a starting point would be to use the built-in Forms authentication (requires a modification to your web.config). It will handle redirecting to the login page for you. Response.Redirect will definitely see things as a new page hit, not a post back.