shiro配合aop会出现的问题

今天碰到一个有趣的问题，当在shiro配合filter鉴定token后，在控制层
加上@RequireRoles是没有问题的，
但是今天心血来潮，想加一个aop看日志输出，
但是加完之后就报错了：

   : This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager.  This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again.  Because an identity is currently not known due to any of these conditions, authorization is denied.

org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager.  This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again.  Because an identity is currently not known due to any of these conditions, authorization is denied.

报错提醒我好像是subject shiro的用户主体变为了匿名，
它说在使用login方法之后，shiro会将用户信息放入subject，跟rememberme也有关。
但是调整了一下发现问题好像依旧存在，
新把代码改为分支代码，加入aop，出问题，随即删除aop类，
重新编译运行，居然问题还在，我的天啊！