When using Shiro framework,Directly hard code the key into the source code. The attacker can get the key by enumerating the key, and the malicious statement can be serialized through this key. When the backend gets the malicious data and deserializes it, the malicious statement will execute