The first problem with your code that I can see is that you should use the forms authentication settings from web.config (such as timeout, domain, path, requireSSL, ...) to set those values for the forms authentication ticket and cookie. Right now you have hardcoded those values. For example you have hardcoded 30 minutes timeout for the ticket which might be different than the timeout set in your web.config for the cookie life. The default is 20 minutes. But if you change this value in your web.config to increase it, your cookie will live longer than the forms authentication ticket. As a consequence the user will always get logged out after 30 minutes and not after the timeout you specified.
Also I would have used a custom Authorize attribute to parse the forms authentication ticket and set the principal instead of using the global Application_PostAuthenticateRequest
event. The first being more MVCish way to achieve that. But this is just a recommendation, no problems from security or behavior point of view.