diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
index 83924b68..e0298f38 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
@@ -127,8 +127,7 @@ public class UserRealm extends AuthorizingRealm
 log.info("对用户[" + username + "]进行登录验证..验证未通过{}", e.getMessage());
 throw new AuthenticationException(e.getMessage(), e);
 }
- ShiroUtils.getSession().setAttribute("sysUser", user);
- SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user.getLoginName(), password, getName());
+ SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
 return info;
 }
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/util/ShiroUtils.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/util/ShiroUtils.java
index ffb32ea3..a4d5dc70 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/util/ShiroUtils.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/util/ShiroUtils.java
@@ -5,6 +5,8 @@ import org.apache.shiro.crypto.SecureRandomNumberGenerator;
 import org.apache.shiro.mgt.RealmSecurityManager;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.apache.shiro.subject.SimplePrincipalCollection;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.bean.BeanUtils;
 import com.ruoyi.framework.shiro.realm.UserRealm;
@@ -35,7 +37,7 @@ public class ShiroUtils
 public static SysUser getSysUser()
 {
 SysUser user = null;
- Object obj = getSession().getAttribute("sysUser");
+ Object obj = getSubjct().getPrincipal();
 if (StringUtils.isNotNull(obj))
 {
 user = new SysUser();
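Review bot: With `new SimpleAuthenticationInfo(user, password, getName())` the whole SysUser entity becomes the Shiro principal, so every field on it is now stored wherever Shiro keeps the PrincipalCollection: the session and, if remember-me is configured, the serialized remember-me identity. If SysUser carries the password hash or salt (its fields are not visible in this hunk), the principal should be a copy with those fields cleared. The class also has to be Serializable with stable `equals`/`hashCode`, because the authorization cache is keyed on the principal collection. I would at least add a comment above the line, `// principal is serialized into the session/remember-me store: keep secrets off it`. Any code that still casts `getPrincipal()` to `String` will break as well; the enclosing method starts outside the hunk.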
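Review bot: In `getSysUser()`, `getSubjct().getPrincipal()` is assumed to be a SysUser, but sessions or remember-me identities issued before this change would still carry the login-name `String` as principal. The bean copy that presumably follows (the body continues outside the hunk) would then yield a SysUser with no usable id instead of failing. Treating a `String` principal as not logged in, for example `if (obj instanceof String) { return null; }` before the copy, or invalidating existing sessions on deploy, avoids authorizing against a half-populated user.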
@@ -46,7 +48,12 @@ public class ShiroUtils
 public static void setSysUser(SysUser user)
 {
- ShiroUtils.getSession().setAttribute("sysUser", user);
+ Subject subject = getSubjct();
+ PrincipalCollection principalCollection = subject.getPrincipals();
+ String realmName = principalCollection.getRealmNames().iterator().next();
+ PrincipalCollection newPrincipalCollection = new SimplePrincipalCollection(user, realmName);
+ // 重新加载Principal
+ subject.runAs(newPrincipalCollection);
 }
 public static void clearCachedAuthorizationInfo()
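Review bot: `subject.runAs(newPrincipalCollection)` is Shiro's impersonation mechanism, so `setSysUser` now replaces the identity that authorization decisions are made on with whatever SysUser the caller passes, where the old code only refreshed a session attribute. The method should reject a `user` whose id differs from the current principal's, so that a caller passing a SysUser populated from request data cannot change who the session acts as. Each call also pushes another entry onto the run-as stack kept in the session and nothing releases it; calling `subject.releaseRunAs();` before `subject.runAs(newPrincipalCollection);` keeps the stack at one entry. `subject.getPrincipals()` returns null for an unauthenticated subject, so `getRealmNames().iterator().next()` needs a guard such as `if (principalCollection == null || principalCollection.isEmpty()) { return; }`.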