Spring的SecurityContextLogoutHandler指出clearAuthentication标志用于:removestheAuthenticationfromtheSecurityContexttopreventissueswithconcurrentrequests.从SecurityContext中删除Authentication可以避免什么具体问题？为什么仅仅使session无效(这是SecurityContextLogoutHandler的另一职责)还不够？不清除SecurityContext是否担心SecurityContextPersistenceFil