Check to see if you have a persist cookie one of the issue is when you open Office documents from SharePoint it creates a new session and you have to re-authenticate. When Word, Excel, or any of the office products don't handle form based authenticate well. If you have a persisted cookie F5 will recognize that there's a session already and let the request proceed.
link text
There are a couple of other entries on devCentral use the search to find them some are really good.
Also if you look at the deployment guide for APM and SharePoint
You need client IP restriction and cookie based persistence