To set a session-timeout that never expires is not desirable because you would be reliable on the user to push the logout-button every time he's finished to prevent your server of too much load (depending on the amount of users and the hardware). Additionaly there are some security issues you might run into you would rather avoid.
The reason why the session gets invalidated while the server is still working on a task is because there is no communication between client-side (users browser) and server-side through e.g. a http-request. Therefore the server can't know about the users state, thinks he's idling and invalidates the session after the time set in your
To get around this you have several possibilities:
<session-timeout>inside the server but I wouldn't recommend this
There was a similar question asked, maybe you can adapt parts of this solution in your project. Have a look at this.
Hope this helps, have Fun!
~ Answered on 2013-03-13 11:16:01