这里要说的是,如果在退出登陆时,在sendRedirect 之后使用 SecurityUtils.getSubject().logout(); 会导致 session 清空,所以在返回退出成功页面时,获取不到 session 里的任何信息。
@RequestMapping(value = "/logout", method = RequestMethod.GET)
@LoadLog(operationType = "logout", operationName = "账号登出")
public void logout(HttpServletRequest req, HttpServletResponse rep) {
try {
rep.sendRedirect(req.getContextPath() + "/toLogout");
// 之前是在这里先logout()
// SecurityUtils.getSubject().logout();
} catch (Exception e) {
logger.error("", e);
}
}
@RequestMapping(value = "/toLogout", method = RequestMethod.GET)
public String toLogout(HttpServletRequest req, HttpServletResponse rep) {
// 后来我把logout()放在了这里
SecurityUtils.getSubject().logout();
return PageUrl.toLogout;
}
这里之前