You can't, at least not reliably.
The server has no way of knowing if the user has browsed to a different site, closed their browser, lost their internet connection, had their PC crash on them, etc.... This is why sessions are designed to time out after a pre-determined amount of time.
You can add a logout button to your application, which can make a request to a
servlet or JSP that calls session.invalidate() but, if the user doesn't explicitly click it, you have to wait for the session to timeout.