在前段ajax里加入 xhrFields:{withCredentials:true}, 后端的代码中加入 @CrossOrigin(origins = {"*"},allowCredentials = "true")