A session is usually handled on the browser side by a cookie. A cookie has a domain: the site and path to which the cookie applies. Look at the cookies that are set in your browser; your site's session cookie likely has a domain that applies to both of your web sites.
You'll need to make sure that the path on each site's session cookie is specific enough that the other site won't pick it up.