I have posted a new article that discusses the benefits of providing pre-authentication to your web applications and how it can provide a significant layer of security against application layer attacks.

http://blogs.technet.com/accessdenied/articles/420744.aspx