Single logout issue

Hi, I have several tomcat apps that are secured using keycloak saml protocol. Those apps are registered in the same realm.The SSO works.

I am trying to test logout feature of keycloak. In the keycloak admin console, I tried logging out all the sessions of a user; however, after doing that, I find that I can still access the secured apps. I am wondering whether there are some extra steps that are related to single logout setup. Can someone shed some light? Thanks!