我在spring-security.xml中添加了此代码,以启用会话超时检查和并发检查.
login-page="/login" login-processing-url="/authentication"
default-target-url="/home" always-use-default-target="true"
authentication-failure-url="/login?error=true"
username-parameter="userid" password-parameter="password"/>
logout logout-url="/logout" logout-success-url="/login" delete-cookies="JSESSIONID" invalidate-session="true" />