...
The protected pages have buttons for both application logout and single sign-out. Application logout invalidates the current session. Note that if you still have a valid CAS SSO login session, i.e., you're in another protected application in a different browser tab, then navigating to the protected page again will log you right back in.
Single sign-out, on the other hand, will require you to login again for any action that accesses a protected page, even refreshing the protected page.
CAS-ifying the Client Applications
...