Due to changes in AdmincentralServlet in Magnolia 6.2.38, logout no longer works, IdP session is never terminated.
This is because the HttpSession is invalidated too eagerly, and thus kills Pac4j's session-tracking.
Some dev notes and action should be taken in the scope of this ticket:
- Add the logout scenario on SSO integration test for both branches v3.1 and v4.0.0
- Consider to re-add `request.getSession().invalidate();` back to SsoLogoutFilter which is removed by this commit