项目使用springboot+shiro来验证用户，shiro原本是用MemorySessionDAO（shiro默认）来存储的，整个项目都没有问题，近期我将sessionDao调整成redisSessionDao（代码见下）之后，session可以存入的redis，登录验证也可以验证成功，在获取用户信息的时候确获取不到用户信息,例如SecurityUtils.getSubject().getPrincipal()为null，SecurityUtils.getSubject().isAuthenticated()为false，当sessionDao更改为MemorySessionDAO就一切都正常了，试了好长时间，没有解决，请大牛解答？ redisSessionDao代码如下： public class RedisSessionDAO extends AbstractSessionDAO{ private Logger logger = LoggerFactory.getLogger(this.getClass()); // session 在redis过期时间是30分钟30*60 private static int expireTime = 1800; private static String redisPrefix = "shiro-redis-session:"; @Autowired private RedisTemplate<String, Object> redisTemplate; private String getKey(String originalKey) { return redisPrefix + originalKey; } // 创建session，保存到数据库 @Override protected Serializable doCreate(Session session) throws UnknownSessionException { Serializable sessionId = generateSessionId(session); assignSessionId(session, sessionId); logger.debug("createSession:{}", session.getId().toString()); try { redisTemplate.opsForValue().set(getKey(session.getId().toString()), session); }catch (Exception e){ e.printStackTrace(); logger.error(e.getMessage(),e); } return sessionId; } // 获取session @Override protected Session doReadSession(Serializable sessionId) { logger.debug("readSession:{}", sessionId.toString()); // 先从缓存中获取session，如果没有再去数据库中获取 Session session = null ; try { session = (Session) redisTemplate.opsForValue().get(getKey(sessionId.toString())); }catch (Exception e){ e.printStackTrace(); logger.error(e.getMessage(),e); } return session; } // 更新session的最后一次访问时间 @Override public void update(Session session) { logger.debug("updateSession:{}", session.getId().toString()); String key = getKey(session.getId().toString()); if (!redisTemplate.hasKey(key)) { redisTemplate.opsForValue().set(key, session); } redisTemplate.expire(key, expireTime, TimeUnit.SECONDS); } // 删除session @Override public void delete(Session session) { logger.debug("delSession:{}", session.getId()); redisTemplate.delete(getKey(session.getId().toString())); } @Override public Collection<Session> getActiveSessions() { logger.debug("activeSession"); return Collections.emptySet(); } } shiroConfig配置代码 @Bean(name = "redisSessionDAO") public RedisSessionDAO sessionDAO(){ return new RedisSessionDAO(); } /** * @see DefaultWebSessionManager * @return */ @Bean(name="sessionManager") public DefaultWebSessionManager defaultWebSessionManager() { System.out.println("ShiroConfiguration.defaultWebSessionManager()"); DefaultWebSessionManager sessionManager = new DefaultWebSessionManager(); > sessionManager.setSessionDAO(sessionDAO());//此行代码注释项目即可正常 sessionManager.setCacheManager(ehCacheManager()); sessionManager.setSessionValidationInterval(3600000*12); sessionManager.setGlobalSessionTimeout(3600000*12); sessionManager.setDeleteInvalidSessions(true); sessionManager.setSessionValidationSchedulerEnabled(true); Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME); cookie.setHttpOnly(true); sessionManager.setSessionIdCookie(cookie); return sessionManager; }