As an example. When a user logs in you may set a session variable for userid. This variable is available throughout the usage of the application. if the user's browser does not interact with the web server for the specified session time (which is 24 minutes by default - 1440 seconds), the next time the user tries to refresh or go to another page they will automatically be directed to the login page (which will force them to login again).
