Unauthenticated users get authenticated and logged in. If they don't have an account yet, osTicket creates automatically an account and logs the user in afterwards. But that depends on the osTicket registration settings, so when we would change them I guess the users to then get an access denied and users will stay unauthenticated.
You could try to call the login.php in the background (we do this) so when the user then is at the web portal and logged in (or not, based on the result). This way with a little PHP page that calls the login.php in background via java script and then redirects to the web portal of osTicket we save our users 1 click since they are already signed in when they see the osTicket web portal.
So maybe that way you could try to figure out something that way. I know pretty vague, but give it a try.