Without the redirect tag in the navigation rule, the tomcat try to map to invalidate.xhtml because this is the default suffix of facelets. It' s not a very fine Facelets / My Faces / ICEFaces Solution, but it works.
If, after logging out, you then perform another request from the browser, does it still look like the user is logged in?
I suspect that it's actually working, but that you're observing the state at the wrong time. The session is still available in the current request-response. You need to send a redirect after the invalidate so that the browser will be instructed to send a new request on the given URL. If that still doesn't work, then the bug is in how you're storing the user in session.
My problem is after do Logout(), the get Logged In Username() still returns the name of the user that was logged in. :) I guess I'm using whatever the default behavior is, on do Log Out() the browser leaves whatever page I was on and shows the page (which you don't have to be signed in to see, by the way). It's a redirect when the URL in browser address bar changes to the target URL instead of sticking to the URL where the form is submitted to.
Lets now look in detail as how to create a JSF login logout authentication mechanism in JSF application.