How can I recover an expired session?
If a session has expired, it means a browser has made a new request that carries a session identifier, such as a cookie entry, for which the servlet container has no record. Servlet containers usually discard sessions after a standard time-out period, so they do not have to maintain sessions indefinitely. If the session has expired on the server side, there is no way to re-construct it, because no reference remains.
It is possible to request sessions live longer using the HttpSession setMaxInactiveInterval(int) method. Many servlet containers also support persistent sessions, which are stored between separate invocations of the container, but configuration details vary.