我正在使用SpringBoot、SpringSecurity和thymeleaf编写一个小型java应用程序。当我的管理员用户登录时，我通过访问 sessionRegistry . 显示的字段之一是 sessionId 这是从 SessionInformation . 但是，显示的sessionid与通过/actuator/auditevents显示的sessionid不同。知道为什么会这样吗？

List<PrincipalSession> principalSessions = new ArrayList<>();

List<Object> allPrincipals = sessionRegistry.getAllPrincipals();
for (Object o : allPrincipals) {

    MyUserDetails userDetails = (MyUserDetails) o;
    String roles = userDetails
                       .getAuthorities()
                       .stream()
                       .map(a -> a.getAuthority().substring(5)) //drop prefix ROLE_
                       .reduce("", (s, e) -> s + ", " + e)
                       .substring(1); //drop first ','

    List<SessionInformation> sessions = sessionRegistry.getAllSessions(o, true);

    for (SessionInformation si : sessions) {

        PrincipalSession ps = new PrincipalSession(userDetails.getUsername(), 
                                     roles,
                                     si.getSessionId(),
                                     si.isExpired() ? "expired" : "alive",
                                     userDetails.isAccountNonExpired() ? "active" : "expired",
                                     userDetails.isAccountNonLocked() ? "unlocked" : "locked",
                                     userDetails.isCredentialsNonExpired() ? "valid" : "expired",
                                     userDetails.isEnabled() ? "enabled" : "disabled");
        principalSessions.add(ps);
     }
}