我有一个拦截器来处理用户会话。如果user属性不存在，则拦截器将重定向到登录页面。我想发送带有重定向URL的session timeout消息，但我不希望该消息出现在URL中。我在googlet上搜索了很多RedirectAttributes或FlashMap，但是找不到任何好的解决方案。

public class UserSessionInterceptor extends HandlerInterceptorAdapter {
        protected final Logger logger = LoggerFactory.getLogger(this.getClass());

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        User user = (User)request.getSession().getAttribute(CommonConstants.USER_SESSION_KEY);
        if (user == null) {
            String msg = String.format("session timeout");
            logger.error(msg);

    //      response.sendRedirect("/signin?errorMessage=" + msg); //I don't want to do this..

            return false;
        }

        return true;
    }
}

@Controller
@SessionAttributes(CommonConstants.KAPTCHA_SESSION_KEY)
public class SigninController extends BaseController {

    @RequestMapping(value = "/signin", method = RequestMethod.GET)
    public String signinPage() {
        return "forward:/index.jsp";
    }

    @RequestMapping(value = "/signin", method = RequestMethod.POST)
    public String signin(UserForm userForm, @ModelAttribute(CommonConstants.KAPTCHA_SESSION_KEY) String captchaExpected, RedirectAttributes redirectAttributes, HttpServletRequest request) {
    userForm.setCaptchaExpected(captchaExpected);
    try {
        loginValidator.validate(userForm);
    } catch (ValidateFailedException e) {
        logger.error(e.getMessage(), e);
        redirectAttributes.addFlashAttribute(ERROR_MESSAGE_KEY, e.getMessage());
        return "redirect:/signin";
    }

    User user = userService.getByUsername(userForm.getUsername());
    if (user == null || !user.getPassword().equals(DigestUtils.md5Hex(userForm.getPassword()))) {
        redirectAttributes.addFlashAttribute(ERROR_MESSAGE_KEY, "username or password is invalid");
        return "redirect:/signin";
    }
    request.getSession().setAttribute(CommonConstants.USER_SESSION_KEY, user);
    return "redirect:/dashboard";
}
}

<%@page contentType="text/html; charset=utf-8"%>
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>welcome</title>
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="keywords" content="" />
<meta http-equiv="description" content="" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link rel="stylesheet" href="${ctx}/css/bootstrap.min.css">
<link rel="stylesheet" href="${ctx}/css/main.css">
<script src="${ctx}/js/jquery-1.11.1.min.js"></script>
<script src="${ctx}/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="login-box text-center" >
    <div class="login-single-panel-header">
        <h5 style="color:red">${errorMessage}</h5>
    </div>
</div>
</div>
</body>
</html>

我刚遇到同样的问题。
我调试了spring源代码，寻找spring mvc如何使flashmap属性相同，并在会话中提出与flashmap属性相同的特性。

这是我的最后一个解决方案:

// create a flashmap
FlashMap flashMap = new FlashMap();

// store the message
flashMap.put("ERROR_MESSAGE", "this is the message");

// create a flashmapMapManger with `request`
FlashMapManager flashMapManager = RequestContextUtils.getFlashMapManager(request);

// save the flash map data in session with falshMapManager
flashMapManager.saveOutputFlashMap(flashMap, request, response);