public class ShiroUtils { public static Session getSession() { return SecurityUtils.getSubject().getSession(); } public static Subject getSubject() { return SecurityUtils.getSubject(); } public static SysUser getUserEntity() { return (SysUser)SecurityUtils.getSubject().getPrincipal(); } public static Long getUserId() { return getUserEntity().getUserId(); } public static void setSessionAttribute(Object key, Object value) { getSession().setAttribute(key, value); } public static Object getSessionAttribute(Object key) { return getSession().getAttribute(key); } public static boolean isLogin() { return SecurityUtils.getSubject().getPrincipal() != null; } public static void logout() { SecurityUtils.getSubject().logout(); } public static boolean isHasRole(String roleSign) { return SecurityUtils.getSubject().hasRole(roleSign); } }

这是一个Shiro权限框架相关的工具类，其中包含了一些常用的操作方法，比如 getSession、getSubject、getUserEntity、getUserId、setSessionAttribute、getSessionAttribute、isLogin、logout、isHasRole。这些方法可以方便地获取当前用户的信息，判断用户是否登录，以及查询用户是否拥有某个角色等操作。Shiro是一个非常强大的安全框架，可以帮助我们快速地实现权限控制功能。

相关问题

SecurityUtils.getSubject().getSession().getAttribute

SecurityUtils.getSubject().getSession().getAttribute可以用于获取当前Subject的Session中的属性值。Shiro提供了Subject对象来与当前执行的用户进行交互，通过调用getSession()方法可以获取到当前用户的Session对象，然后可以使用getAttribute()方法来获取Session中的属性值。在配置文件中，可以通过sessionDAO来配置Session的数据访问对象，从而实现对Session的管理。<span class="em">1</span><span class="em">2</span><span class="em">3</span>
#### 引用[.reference_title]
- *1* [12.Shiro会话管理](https://blog.csdn.net/qq_36468169/article/details/102828492)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v92^chatsearchT3_1"}}] [.reference_item style="max-width: 50%"]
- *2* *3* [org.apache.shiro.SecurityUtils.getSubject().getSession()](https://blog.csdn.net/bitree1/article/details/50498970)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v92^chatsearchT3_1"}}] [.reference_item style="max-width: 50%"]
[ .reference_list ]

SecurityUtils.getSubject().getSession(true).getAttribute()

This code retrieves an attribute from the user's session in Apache Shiro.

Explanation:

- `SecurityUtils.getSubject()` returns the currently authenticated subject (i.e., user) in the application.
- `.getSession(true)` retrieves the user's session (or creates a new one if it doesn't exist yet) and returns a `Session` object.
- `.getAttribute()` is a method of the `Session` object that retrieves an attribute stored in the session. It takes a single parameter, which is the name of the attribute to retrieve.

Therefore, the full expression `SecurityUtils.getSubject().getSession(true).getAttribute()` retrieves an attribute from the user's session. The actual name of the attribute being retrieved is not specified in this code and would need to be provided as an argument to the `getAttribute()` method.