请确保您在使会话无效之后重定向请求.根据会话属性解析用户主体.因此，当您直接转到目标页面时(默认情况下是JSF导航案例)，由于它使用 same HttpSession引用，因此它仍将存在于目标页面中.重定向指示Web浏览器触发全新的HTTP请求，从而强制服务器根据新请求重新创建HttpSession引用.

Ensure that you're redirecting the request after invalidating the session. The user principal is resolved based on a session attribute. So when you just forward to the target page (as a JSF navigation case by default does), then it'll still be there in the target page since it uses the same HttpSession reference. A redirect instructs the webbrowser to fire a brand new HTTP request, hereby forcing the server to recreate the HttpSession reference based on the new request.

将<redirect/>添加到导航案例中，以强制JSF发送重定向.或者，如果您已经在JSF 2.0中，请在结果值中添加?faces-redirect=true.

Add <redirect/> to the navigation case to force JSF to send a redirect. Or when you're already in JSF 2.0, add ?faces-redirect=true to the outcome value.