我错过了什么?“我的表单超时”不会使会话超时

我有一个asp.net mvc 3网站，它有我自己的authorize属性。当用户登录时，我制作一个表单Auth cookie

 public void SetAuthCookie(string userName, string userData = "",int version = 1)
    {
        DateTime expiry = DateTime.UtcNow.AddMinutes(30);
        FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(version, userName, DateTime.UtcNow, expiry, false, userData, "/");
        string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
        HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) {Path = "/"};
        HttpContext.Current.Response.Cookies.Add(authCookie);
    }

//AuthorizeAttribute

public class MyAuthorizeAttribute : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
       if (httpContext == null)
        {
            throw new ArgumentNullException("httpContext");
        }

       if (httpContext.User.Identity.IsAuthenticated)
       {
          return true;
       }
        return false;
    }

所以我去我的网站登录，等待我的网站超时。然后我做一个请求（这是一个ajax请求），它首先通过我的属性，httpContext.User.Identity.IsAuthenticated仍然设置为true，尽管我在3分钟内没有向服务器请求

  <authentication mode="Forms">
      <forms loginUrl="~/Account"
                      protection="All"
                      name=".MySite"
                      path="/"
                      requireSSL="false"
                      slidingExpiration="true"
                      defaultUrl="default.aspx"
                      cookieless="UseDeviceProfile"
                      enableCrossAppRedirects="false"
                       timeout="1"
                       />
    </authentication>