- add [ad_conn ajax_p] to check, whether the request was an ajax requests (assumption: ajax-request sets header-field -Requested-With: XMLHttpRequest") - extend permission::require_permission to omit redirection of unauthenticaed users to the login page for ajax requests