Once the session is gone, the session is gone--you won't get the same user object instance.
The previous suggestion was to use a session listener (the docs of which are available by clicking on the
word HttpSessionListener) to save some state to somewhere (a database, the application context, whatever) and when that user logs in again, use the persisted state to drop them back onto whatever page they were on before their session expired.
This implies you'd need to keep track of what they were doing/where they were throughout their use of the application, of course.