Alright, just being curious, I went ahead and implemented a solution :) The following blog post describes how it can be done:
http://solutionsfit.com/blog/2007/11/16/session-expired-messages-using-seam-security/
Hope it helps.
Good afternoon Jacob,
Thanks a lot for the solution. I have used my home page as "a page in between" and it works fine. In this way, I don't need to use meta refresh to redirect to the login page.
Thank you very much for your help and have a nice day!
Best regards,
Sheng