Login security consists of two aspects: authentication and authorization Authentication is verification that the user is who he/she

claims to be (i.e. can he/she supply th e correct username and password to login to the system) Authorization answers the question "What privieges does this particular user have?" In other w ords what is he/she allowed to do (or have access to) in the system? On the front end the project employs Struts Tiles heavily with a reusable JSP layout called ".homepageLayout" in tile s-defs.xml. This reusable layout, composed of five JSP components, relies on inh eritance to reduce the necessary page increase due to tiles. Each jsp outside th e homePageLayout block extends the base layout and overrides only the body page. Notice, the menu.jsp which is Scriptlet-based carries with it twelve URL action paths covering every functional fact of the application.