This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
first thing session-timeout means always max inactive interval/the time limit for which session is idle i.e no request is being made.
As fer as i know it automatically doesn't redirect you after session timeout limit.You have to make some request after specified time period in order to check whether session has been
invalidated or not.That time it will redirect you to login page.
If you want to check without making request apply HttpsessionListener concept.
check whether session is being destroyed or not.