WHAT COULD BE DONE
The Application can keep looking for key CA SSO Headers. These Headers are only available when a Valid SMSession exists. Based on this info the Application knows that the user is still logged in. This information is available on content that is front-end by a CA SSO WebAgent. The key is being front-ended by a CA SSO WebAgent / WebServer. Doesn't matter if the actual resource is protected OR unprotected by CA SSO. As long as a valid SMSession exist CA SSO populated these headers on protected and unprotected content.
WHAT COULD NOT BE DONE
CA SSO cannot present any other status other than logged in OR logged out. If we are comparing to an online messenger, that is not supported within CA SSO. Online Messengers use Presence Service. There is no support for Presence Service in CA SSO. Further more CA SSO works with Web Application. One can stay active on a laptop even without accessing a Web Application (e.g. I am doing development work / coding of a thick client OR preparing a Presentation).
More about Presence Service.
https://en.wikipedia.org/wiki/Presence_information
https://en.wikipedia.org/wiki/Presence_service
https://support.office.com/en-us/article/Understanding-presence-and-member-status-and-instant-messaging-311996a4-e202-4ef7-bdbe-0e14814e7ee0
Regards
Hubert