*hi,I study shiro just now,and read some code like below,but I have one question:the user's password\role stored in database,how shiro get the password\role and check it? Thanks.
code:
UsernamePasswordToken token =
new UsernamePasswordToken(username, password);*
* try {
Subject subject = SecurityUtils.getSubject();
subject.login(token);
token.clear();
url = "/secure/index.jsp";
}*
