
采用rest 退出,有时需要重复登录,故改用logout?service=http://XXXX 退出

tomatozq 5 lat temu
rodzic
commit
e583aaf534

+ 1 - 1
picc-enterprise-server/src/main/java/com/jpsoft/picc/modules/auth/controller/InsuranceApplicationController.java

@@ -644,7 +644,7 @@ public class InsuranceApplicationController {
             List<Sort> sortList = new ArrayList<>();
             sortList.add(new Sort("create_time", "desc"));
 
-            if (StringUtils.isNotEmpty(company.getId())) {
+            if (company!=null && StringUtils.isNotEmpty(company.getId())) {
                 searchParams.put("companyId", company.getId());
             }
 
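Review bot: With the new `company!=null &&` guard, a null `company` no longer throws, but it also skips `searchParams.put("companyId", company.getId())`, so the search presumably runs with no company filter at all. If this listing is meant to be scoped to the caller's company, that fails open: a request for which no company was resolved could see other companies' applications. Handle the null case explicitly before building `searchParams` by rejecting the request or returning an empty result, and record the intent with a comment such as `// no company resolved: do not fall through to an unscoped search`. The enclosing method starts and ends outside this hunk, so how `company` is obtained and how `searchParams` is consumed cannot be confirmed from here.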

+ 25 - 7
picc-enterprise-server/src/main/java/com/jpsoft/picc/modules/pub/controller/UserController.java

@@ -19,12 +19,15 @@ import org.apache.commons.httpclient.methods.GetMethod;
 import org.apache.commons.httpclient.methods.PostMethod;
 import org.apache.commons.lang3.StringUtils;
 import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jsoup.Jsoup;
 import org.jsoup.nodes.Document;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.ValueOperations;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
@@ -362,20 +365,35 @@ public class UserController {
     @GetMapping("/logout")
     @ResponseBody
     @ApiOperation(value="退出")
-    public MessageResult<String> logout(HttpSession session){
+    public MessageResult<String> logout(HttpSession session,HttpServletRequest request,HttpServletResponse response){
         MessageResult<String> msgResult = new MessageResult<>();
 
         String tgt = (String)session.getAttribute("tgt");
         String casServerTicketUrl = casConfig.getServerUrlPrefix() + "/v1/tickets";
 
-        HttpClient client = new HttpClient();
-        DeleteMethod del = new DeleteMethod(casServerTicketUrl + "/" + tgt);
-
         try {
-//            client.executeMethod(del);
-//            String html = del.getResponseBodyAsString();
+//            if(StringUtils.isNotEmpty(tgt)) {
+//                HttpClient client = new HttpClient();
+//                DeleteMethod del = new DeleteMethod(casServerTicketUrl + "/" + tgt);
+//
+//                client.executeMethod(del);
+//                String html = del.getResponseBodyAsString();
+//
+//                System.out.println(html);
+//            }
+
+            session.removeAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
+            session.invalidate();
+
+            String service = casConfig.getClientHostUrl() + request.getContextPath() + "/portal/";
+
+            msgResult.setData(casConfig.getServerUrlPrefix() + "/logout?service=" + URLEncoder.encode(service,"UTF-8"));
+//            Cookie[] cookies = request.getCookies();
 //
-//            System.out.println(html);
+//            for (Cookie cookie : cookies) {
+//                cookie.setMaxAge(0);
+//                response.addCookie(cookie);
+//            }
 
             msgResult.setResult(true);
         } catch (Exception e) {
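Review bot: The ticket-granting ticket read by `String tgt = (String)session.getAttribute("tgt");` is no longer revoked on the server, because the REST `DeleteMethod` call stays commented out; ending the CAS SSO session now depends entirely on the client navigating to the URL placed in `msgResult.setData(...)`. If the front end does not follow that URL, only the local session is invalidated, and a TGT issued through `/v1/tickets` may remain valid until it expires (inferred; the login path is not visible here). Document that contract above the `setData` call, e.g. `// Caller MUST redirect the browser to this URL; the CAS SSO session is only ended there.` Also drop what is now dead: the `tgt` and `casServerTicketUrl` locals, the unused `response` parameter and `Cookie` import, the commented-out blocks, and `session.removeAttribute(...)`, which `session.invalidate()` makes redundant. The method body continues past the end of the hunk.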