Well - what is really your point behind making them re-connect?
Is it the option to re-direct them to a landing portal with some info or ads you want them to see/click on?
Depending on what you want to achieve I would just save the user the hassle, and just have them re-register to get a new password. The account will by default auto-update with a new password anyways, and not overwrite any parameter not filled in..
But - that said...
I haven't tried this myself, but you could most likely create a variation of the Enforcement Policy "Standard Guest Access" with a rule that terminates the session if more than 1 hour since last authentication.
Inserted screenshot for configuration
Note that if the user has already timed out in the Aruba Session ie. he has been idle more than 5 minutes (or whatever you've set user idle timeout to be) he will have to be re-authenticated through the portal anyways.
Also.. You might want to use MAC-authentication and do the termination part there instead. Just same kind of rule starting out with the "MAC-caching 24hours" policy.
Try it and let us know how it works out for you.