diff --git a/src/main/java/com/pyc/campus/config/WebSecurityConfig.java b/src/main/java/com/pyc/campus/config/WebSecurityConfig.java
index 984122a85112ea827468d0f165e85089cb3ce8f6..6090740bf45aacfb6b208c94ffe8b1bf3d332318 100644
--- a/src/main/java/com/pyc/campus/config/WebSecurityConfig.java
+++ b/src/main/java/com/pyc/campus/config/WebSecurityConfig.java
@@ -31,6 +31,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
+        http.sessionManagement()
+                .maximumSessions(1).maxSessionsPreventsLogin(true);
         http.authorizeRequests()
                 .antMatchers("/campus").permitAll()
                 .antMatchers("/aboutLearn").permitAll()
@@ -52,7 +54,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .permitAll()
                 .and()
                 .logout()
-                .logoutSuccessUrl("/campus")
+                .logoutSuccessUrl("/campus").invalidateHttpSession(true)
                 .permitAll();
     }