[eluser]tonanbarbarian[/eluser]
just thought of something
if you build your authentication library the right way you can make this all seemless, or almost
if the authentication lib detects the session timeout, and instead of redirecting to the login page basically hijacks the current controller/method processing and simply displays the login page and ends.
this means that the login page will be displayed on any url on the site
The login page is then instructed to submit to the current url, where the authentication library intercepts the login request, processes it and if successful redirects to the same url, but it is now logged in.
In this way the url stays the same while the user is logged out and then logs back in