I am trying to do some testing of my application with respect to timeouts
(i.e. Session timeouts). I took the advice of somebody else in this
newsgroup (I think) and set my forms authentication timeout to be one minute
less than the session timeout, but I was still getting wierd things happen
when a timeout would occur.

Today I set the timeout value for forms authentication = "1" and for the
session = "2" just to test. Low and behold, the forms authentication
timeout doesn't seem to make any difference. I debugged and see that there
is still a ticket with an authenticated user when I try to view a page even
after 5 minutes of inactivity.

Is there something I'm missing?

Here's the relavent portions of my application-level web.config:

<authentication mode="Forms" >
<forms loginUrl="login/main/member_login.aspx" timeout="1">
</forms>
</authentication>

<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user id=sa;password="
cookieless="false"
timeout="2"
/>