Thanks jaikiran,
actually before login there are doing some session stuff - I dont know in detail..down the road need to dig
I found 2 work around,
1. refreshing the page before session time out so that server maintain the same session and connection - simple stuff?.
2. bit complex logic - after session time out when user hit enter retaining there are credential in session then redirect again to login page then onload submit,
if there is values in new session (not tested though)
I always want to apply work around-1 since it is very simple. and I explained(convinced) to my boss(architect) , yes... he said well done
simple refresh tag done the job...