diff --git a/lms/djangoapps/courseware/module_render.py b/lms/djangoapps/courseware/module_render.py index d2203681e7..6a2e8a6d96 100644 --- a/lms/djangoapps/courseware/module_render.py +++ b/lms/djangoapps/courseware/module_render.py @@ -12,7 +12,6 @@ from opaque_keys import InvalidKeyError from django.conf import settings from django.contrib.auth.models import User from django.core.cache import cache -from django.core.exceptions import PermissionDenied from django.core.urlresolvers import reverse from django.http import Http404, HttpResponse from django.views.decorators.csrf import csrf_exempt @@ -632,13 +631,13 @@ def handle_xblock_callback(request, course_id, usage_id, handler, suffix=None): - location -- the module location. Used to look up the XModule instance - course_id -- defines the course context for this request. - Raises PermissionDenied if the user is not logged in. Raises Http404 if + Return 403 error if the user is not logged in. Raises Http404 if the location and course_id do not identify a valid module, the module is not accessible by the user, or the module raises NotFoundError. If the module raises any other error, it will escape this function. """ if not request.user.is_authenticated(): - raise PermissionDenied + return HttpResponse('Unauthenticated', status=403) return _invoke_xblock_handler(request, course_id, usage_id, handler, suffix, request.user) diff --git a/lms/djangoapps/courseware/tests/test_module_render.py b/lms/djangoapps/courseware/tests/test_module_render.py index c9770ff691..8933a83e7e 100644 --- a/lms/djangoapps/courseware/tests/test_module_render.py +++ b/lms/djangoapps/courseware/tests/test_module_render.py @@ -160,6 +160,7 @@ class ModuleRenderTestCase(ModuleStoreTestCase, LoginEnrollmentTestCase): ) response = self.client.post(dispatch_url, {'position': 2}) self.assertEquals(403, response.status_code) + self.assertEquals('Unauthenticated', response.content) @override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE) 
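Review bot: The body string in the new `return HttpResponse('Unauthenticated', status=403)` is now a wire contract, because ajax-error.js in this commit compares `responseText` to it exactly, yet nothing at the return site records that. A comment such as `# Body is matched verbatim by lms/static/js/ajax-error.js; change both together` would keep a later rewording from silently disabling the re-login prompt. The response also goes out with HttpResponse's default content type, so passing `content_type='text/plain'` would make clear that the body is a marker rather than markup. The changed docstring line would read more consistently as `Returns a 403 response if the user is not logged in.`; the function's signature and the start of its docstring lie outside the hunk.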
diff --git a/lms/envs/common.py b/lms/envs/common.py index 5b889ef896..7718ada4ca 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -854,6 +854,7 @@ courseware_js = ( 'coffee/src/' + pth + '.js' for pth in ['courseware', 'histogram', 'navigation', 'time'] ] + + ['js/' + pth + '.js' for pth in ['ajax-error']] + sorted(rooted_glob(PROJECT_ROOT / 'static', 'coffee/src/modules/**/*.js')) ) diff --git a/lms/static/js/ajax-error.js b/lms/static/js/ajax-error.js new file mode 100644 index 0000000000..3e7202a156 --- /dev/null +++ b/lms/static/js/ajax-error.js @@ -0,0 +1,15 @@ +$(document).ajaxError(function (event, jXHR) { + if (jXHR.status === 403 && jXHR.responseText === 'Unauthenticated') { + var message = gettext( + 'You have been logged out of your edX account. '+ + 'Click Okay to log in again now. '+ + 'Click Cancel to stay on this page '+ + '(you must log in again to save your work).' + ); + + if (window.confirm(message)) { + var currentLocation = window.location.href; + window.location.href = '/accounts/login?next=' + currentLocation; + }; + } +});
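Review bot: In the new ajax-error.js, `window.location.href = '/accounts/login?next=' + currentLocation;` appends the full current URL to the query string without encoding it. Any `&` or `#` in the current address therefore truncates `next` or leaks extra parameters into the login request. Because the value is an absolute URL, the login view must also accept absolute redirect targets, which is the shape open-redirect checks normally reject. Sending only the encoded same-site path avoids both problems: `window.location.href = '/accounts/login?next=' + encodeURIComponent(window.location.pathname + window.location.search);`. How the login view validates `next` is not visible in this diff and should be confirmed to be same-host only. The `};` closing the inner `if` also carries a stray semicolon.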