Thank you “fp” for your answer.
Unfortunately I should have been more succinct with my description of the problem.
I except that to log a user out you would follow one of the two suggested path.
Most likely removing the session cookie.

I guess my question should have been what syntax would I issue to remove the cookie or issue a bad session key against the username in AuthCookieDBI??
AuthCookie gives and example of:-
 "$r->auth_type->logout($r);"

If my understanding is correct this poisons the session. So the next request to authorize will redirect to the login page.
So is there such a command for the modified AuthCookieDBI??

Again thanks to one and all
Gareth