There is no built-in mechanism for this. However, in the sec_handler in the security-procs of acs-tcl you can find the code to force the expiration of the session cookie (ad_session_id) and to force login handler. The session id cookie contains as 4th value the issue time, that you can use for checking.
