yes, JSP pages will create a session for you.
Your servlet has indeed killed the session and everything in it, but the moment the JSP executed it creates a new one.
A better
test to check for session expiration is therefore to insert a known value in the session when you first start monitoring it (for example, session.setAttribute("userid", userID) in a servlet doing login, and check for the existence of that value (if (session.getAttribute("userid") != null) )when you want to know whether the session is still valid.