shiro login成功后保存了哪些数据

shiro login成功后 保存了Principals 和 AuthenticationState到session中，所以我们每次请求都能从session成功获取到这2个属性。


核心类：DefaultSubjectDAO


[code="java"]public Subject save(Subject subject) {
if (this.isSessionStorageEnabled(subject)) {
this.saveToSession(subject);
} else {
log.trace("Session storage of subject state for Subject [{}] has been disabled: identity and authentication state are expected to be initialized on every request or invocation.", subject);
}

return subject;
}

protected void saveToSession(Subject subject) {
this.mergePrincipals(subject);
this.mergeAuthenticationState(subject);
}[/code]