Yes you red right and that is something I learned at customers field.
After setting your legacy URL:
Set-OwaVirtualDirectory -Identity "2013server\owa (Default Web Site)" -Exchange2003Url https://legacy.company.com/owa
and pointing your DNS Namespace to Exchange 2013, the new 2013 FBA will authenticate you. So far so good. Exchange now checks your location of mailbox and if you are still on Ex2007 it will “redirect”. As we learned, a hidden-formular with my credentials should be transfered to the legacy server where FBA (Forms Based Auth) is also active.
So what is the Clue? In Ex2007 you will have to authenticate a second time – Oh my God, who will tell this the customers?
have fun, Jimmy