If anybody is interested I found a way around this problem...
I've ended up removing forms authentication from the page that contains the Ajax Uploader control, and I'm checking if the user is logged in manually and not using the Forms Authentication web.config value to protect that particular page. This allows me to use the OnFileValidating event to check if the user is logged in...
protected void Uploader1_FileValidating(object sender, UploaderEventArgs args)
{
User _usrCurrent = ((BasePage)this.Page).CurrentUser;
if (_usrCurrent.Id <= 0)
{
throw (new Exception("Your session has timed out - please log in again"));
}
}
Not the cleanest solution - but it works!