The AuthenticatedRequested event would be used for you to redirect users to a URL that invokes the authentication process. You could redirect users to a URL specified by Kentor AuthServices to start the login process, in this event.
Regarding using a webpart to trigger external login, the webpart needs to on a page that allows anonymous users.
Regarding the “/AuthServices/Acs” issue, are you using the Kentor AuthServices HTTP Module? If you have Kentor AuthServices working in a standalone ASP.NET Forms application, and configured it the same way in the Kentico application, I suspect that the Kentico HTTP Module is handling the requests before the Kentor module gets a chance to process them. To solve this problem, configure the URLs used by AuthServices to be excluded by Kentico in Settings->URLs and SEO->Excluded URLs.