By default, Shiro’s SessionManager implementations default to a 30 minute session timeout. That is, if any Session created remains idle (unused, where its lastAccessedTime isn’t updated) for 30 minutes or more, the Session is considered expired and will not be allowed to be used anymore.

1. org.apache.shiro.session.ExpiredSessionException: Session with id [b70d9d31-2331-46a7-a5ad-dff736d53c6b] has expired.
   shiro session默认超时时间30分钟。项目接口运行超过30分钟，并在最后执行了数据插入操作，实体带有mybatisplus的@TableField(fill = FieldFill.INSERT)注解，在自动填充字段时调用了subject.getPrincipal()查找当前用户填充creator字段，shiro会调用ProxiedSession.getAttribute()，最后到SimpleSession.validate()，此时shiro session已失效，遂抛出异常
2. org.apache.shiro.session.UnknownSessionException: There is no session with id [b70d9d31-2331-46a7-a5ad-dff736d53c6b]
   异常原因大致同上。