You should check the documentation on CAS single sign out which can be found here. It says:

Where Single Sign Out Works:

Clients / Languages whose session management is maintained on the server side. CAS clients can then access session information to end the session.

Where Single Sign Out Doesn't Work:

Clients / Languages whose only session management consists of cookies. CAS does not have access to the browser's cookies and cannot therefore terminate a session. (however, closing a browser window should do that)

And I think that's pretty much your case. Cookie based it's not possible to do a SSout, but if you can use a framework like Spring (as we do in our projects) the SSout is easy to configure and comes in very handy

CASGT cookie is set by CAS and should be unset by it. CAS logout procedure works like this:

1. You actually go to CAS logout page. The page should know the application which you are logging out from. One way is to redirect to CAS logout page from your application, supplying the redirect-back URL as a parameter.

2. Your cookie is erased and you are then redirected to your application via POST request.

3. SingleSignOutFilter catches a special parameter "logoutRequest" and actually destroys the ticket/session mapping that it held from the very beginning and also invalidates current session.

In order to debug CAS, enable TRACE level logging. This way you will know if proper request was received or if session has been invalidated.

I also advice you to look at the code of org.jasig.cas.client.session package, which is quite simple.