diff --git a/lib/roust.rb b/lib/roust.rb
index 67d30b8..16e7026 100644
--- a/lib/roust.rb
+++ b/lib/roust.rb
@@ -44,7 +44,8 @@ def authenticate!
     )
 
     cookie = response.headers['set-cookie']
-    self.class.headers['Cookie'] = cookie if cookie
+    self.class.default_cookies.add_cookies(cookie) if cookie
+    self.class.headers('Referer' => "#{@server}/REST/1.0")
 
     # Switch the base uri over to the actual REST API base uri.
     self.class.base_uri "#{@server}/REST/1.0"
@@ -60,7 +61,8 @@ def authenticate!
   end
 
   def authenticated?
-    return true if show('1')
+    show('1')
+    return true
   rescue Unauthenticated
     return false
   end
diff --git a/lib/roust/ticket.rb b/lib/roust/ticket.rb
index 0bc0a56..c3cf49a 100644
--- a/lib/roust/ticket.rb
+++ b/lib/roust/ticket.rb
@@ -6,6 +6,7 @@ def ticket_show(id)
       body, _ = explode_response(response)
 
       return nil if body =~ /^# (Ticket (\d+) does not exist\.)/
+      return nil if body =~ /^# You are not allowed to display ticket (\d+)./
 
       parse_ticket_attributes(body)
     end