I am trying to do some testing of my application with respect to timeouts
(i.e. Session timeouts). I took the advice of somebody else in this
newsgroup (I think) and set my forms authentication timeout to be one minute
less than the session timeout, but I was still getting wierd things happen
when a timeout would occur.

Today I set the timeout value for forms authentication = "1" and for the
session = "2" just to test. Low and behold, the forms authentication
timeout doesn't seem to make any difference. I debugged and see that there
is still a ticket with an authenticated user when I try to view a page even
after 5 minutes of inactivity.

Is there something I'm missing?

Here's the relavent portions of my application-level web.config:

<authentication mode="Forms" >
<forms loginUrl="login/main/member_login.aspx" timeout="1">

sqlConnectionString="data source=;user id=sa;password="