DualShield Tomcat Valve supports Single Logout (SLO), or Single Sign-Out, by which a user is able to completely sign-out the application they signed into with two-factor authentication.
To implement Single Logout, the application should call the URL below:
slo_logout?RelayState={URL}
In which {URL} should be replaced with the URL of the landing page after the user has been logged out.
For example:
<html> <head> <title>Protected page</title> </head> <body> <h1>Welcome! You're logged in</h1> <p><strong>Success!</strong> This page is available to anyone who has been successfully authenticated</p> <br/><br/> <p><button onclick="location.href='slo_logout?RelayState=/index.html'">Logout</button></p> </body> </html>