In the 802.1x profile, you need to make sure the OKC (opportunistic key caching) is enabled to prevent the full reauth. This will only help non-apple products.
On your other issue with frequent reauthentication, it typically happens when the power on the access points are too high and the clients jump from AP to AP, even when they are not moving. Type "show ap arm state ap-name <name of ap>" and see how many access points a single access point can see. In an ideal world, you don't want any access points seeing another access points on the same channel at 20 snr or stronger. In the real world, this will happen on the 2.4ghz in a dense deployment due to the lack of channels, but you can lower the power to minimize it.