The authentication ticket seems to be part of the Terminal Services Workspace Provisioning Protocol that is inconsistent with how Forms Authentication is typically implemented.
In WebFeedLogin.aspx, if I replace this...
Response.Write(FormsAuthentication.Encrypt(ticket));
...with this...
Response.Cookies[".ASPXAUTH"].Value = FormsAuthentication.Encrypt(ticket); Response.Redirect(Request.QueryString["ReturnUrl"]);
...I get an XML resource list, but it's still rejected by RemoteApp and Desktop Connections.
It's clearly authenticating, because it can't get the XML without a valid ticket. I feel like I could have written my own application that does what RemoteApp and Desktop Connections is supposed to do by now. >:(