我在spring-security.xml中添加了此代码,以启用会话超时检查和并发检查.
logout logout-url="/logout" logout-success-url="/login" delete-cookies="JSESSIONID" invalidate-session="true" />