It turns out that when Tomcat SSO is turned on, when a user's session is invalidated,
as the portal server iterates through all the active war sessions and invalidates them, the main portal session is invalidated as well.
The code calls session.invalidate on the main portal session after that and gets and IllegalStateException because the session is already invalidated.
This exception needs to be handled smoothly so that user does not see a failure upon logout
Note: This issue surfaces only when Tomcat SSO is actiavted.