Hi Amey,
As the note 842635 states,
"
The termination of the Portal and all Web Dynpro applications as a whole is defined by the Security Session timeout.
This is an absolute timeout value, e.g. the default is about 27h, that always terminates the whole security session after the defined period of time independtly from any user interaction.
"
Check the parameter "SessionExpirationPeriod' in configtool(you will find it in the same location as "sessionTimeout" and set it correctly.
Also check SAP Note No. 1644347; there is a bug due to which the sessions do not get closed on the WD end.
Also, it is the portal that is responsible for notifying the engine about the session termination, at the time when the user executes any event which should trigger the session termination, such as portal log off and closing the browser window.
This task is accomplished by the portal through the use of the portal DSM mechanism, which is responsible by notifying the Engine about the session termination. In regards to this portal mechanism, we have to take the following SAP KBA into account:
1660720 - Session remains open after the logoff on enterprise portal
Check this thoroughly.
Regards,
Hemanth