关于shiro认证登陆这块

最近在研究Shiro框架,我想知道大家是如何保存登录用户信息的,以前不用Shiro的时候存放在Session中, 现在我是如下方法获取登录用户信息:
图片说明
但是获取的是null,这是我的realm代码,按道理应该已经吧user存储起来了才对:
图片说明
,但是就是获取不到,存在Shiro的Session里面也是获取不到,请问呢保存用户信息是需要自己实现还是Shiro框架已经实现,如何实现呢?
感谢!

http://blog.csdn.net/w1196726224/article/details/53560385

package com.zking.shiro;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.zking.biz.PersonBiz;
import com.zking.entity.Person;

public class LoginRealm extends AuthorizingRealm{

private PersonBiz personBiz;

public PersonBiz getPersonBiz() {
    return personBiz;
}

public void setPersonBiz(PersonBiz personBiz) {
    this.personBiz = personBiz;
}

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    //获取用户信息
    String uname=(String) principals.getPrimaryPrincipal();

    //角色
    List<String> roles=new ArrayList<String>();
    roles.add("user");
    if("admin".equals(uname)){
        roles.add("admin");
    }

    SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();
    simpleAuthorizationInfo.addRoles(roles);

    return simpleAuthorizationInfo;
}

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

    //TODO 连接数据库进行验证
    //获取数据库信息
    String pname=(String) token.getPrincipal();


    //模拟
    String page=personBiz.getPage(pname);

    SimpleAuthenticationInfo simpleAuthenticationInfo=new SimpleAuthenticationInfo(pname, page, this.getName());

    return simpleAuthenticationInfo;
}

}
这是我写的用mysql数据库验证的shiro验证 ,希望有用吧