All Vaadin applications from a single running browser share the session instance, so when it times out, all applications for the user (browser) are closed.
To override this behavior, you would either need to have your server use different HttpSessions for the different applications or use separate application context instances for the different applications.
Unfortunately, AbstractApplicationServlet.service() calls the static method WebApplicationContext.getApplicationContext() directly, making the second approach very tricky or impossible to implement without replacing the core class WebApplicationContext, which I would not recommend doing.
You could
create an enhancement request for support for overriding how the application context is obtained in AbstractApplicationServlet and AbstractApplicationPortlet - this could be implemented e.g. by routing the calls to the static methods via a protected method in the servlet/portlet class. This could also be useful in some other contexts where the low level communication between the server and the client needs to be customized (handling file uploads etc.).