Gracefully handle users who leave browser open overnight

[slominskir]

It appears some users are getting confused by authentication expiration/logout presumably from leaving their browser open overnight. In this scenario the web page doesn't auto-update, but if they attempt to take an action they'll see they are no longer authenticated.

This can also happen if they logout from a different app, that uses the same Keycloak SSO.

We might be able to make this scenario clearer to the user. We may need to fine-tune Wildfly session expiration and Keycloak SSO authentication session expiration to closer match, and provide better error messages in case of auto-logout.