https://blog.csdn.net/s740556472/article/details/71275328
@RequestMapping("/logout") public String logout(HttpSession session, SessionStatus sessionStatus){ session.invalidate(); sessionStatus.setComplete(); return "redirect:/login"; }
session.invalidate();只是讓session失效 但session仍然存在。