Nowadays quite lots of sites are AJAXy, especially their back-end part. This introduces one interesting issue with sessions and password protected areas.
Typical scenario is: password protected URL initiates a server-side check for valid user is logged in or in other case redirects to login page.
What happen when session is expired by timeout? Session data is wiped from the server, so already logged user becomes like a just comer. Next request to the server will eventually redirect him back to login dialog.
But not in case of AJAX. Usually AJAX requests are written in the way not to support sudden session break and this situation can lead to a very unpredictable behavior. How to fix it quick?