Steps I am using:
1. From my client: verify that I am calling the web service with the correct credentials by passing them to AuthenticateUser (~/Services/Security/Users.svc//Authenticate)
2. From my client: logout the current user (~/Services/Security/Users.svc//Logout)
3. In web browser: login to SiteFinity backend using same credentials as my client
4. From my client: try to login with same credentials as before, receive expected UserAlreadyLoggedIn result
5. From my client: try to log the web browser out by calling LogoutWithCredentials (~/Services/Security/Users.svc//LogoutCredentials), passing exactly the same credentials that I used in step 1 to successfully log in
6. The body returns "true", but the web browser user is still logged in, verified by the following:
a. if I call AuthenticateUser from the client again, I still get UserAlreadyLoggedIn
b. if I click around in the web browser, I can navigate to other pages and am not notified that I have been logged out.
Why isn't LogoutWithCredentials working? How can I force the web user to logout so I can login?