diff --git a/CL-BSCSD-22-03/my-web-app1/src/main/java/oop/Utill.java b/CL-BSCSD-22-03/my-web-app1/src/main/java/oop/Utill.java
index 21428db..855d568 100644
--- a/CL-BSCSD-22-03/my-web-app1/src/main/java/oop/Utill.java
+++ b/CL-BSCSD-22-03/my-web-app1/src/main/java/oop/Utill.java
@@ -5,8 +5,14 @@
  */
 package oop;
 
+import java.net.HttpCookie;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.UUID;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 
 /**
  *
@@ -14,13 +20,44 @@
  */
 public class Utill {
 
-    public List<Person> getPersons() {
+    public static List<Person> getPersons() {
         List<Person> persons = new ArrayList<>();
-        persons.add(new Person("Roshan","54657","0715236589","1990-05-26","Male"));
-        persons.add(new Person("Amali","98414","0774582658","1986-08-15","Female"));
-        persons.add(new Person("Sudath","63874","0782463598","1970-04-02","Male"));
-        persons.add(new Person("Hasini","25896","0725896354","1991-10-20","Female"));
+        persons.add(new Person("Roshan", "54657", "0715236589", "1990-05-26", "Male"));
+        persons.add(new Person("Amali", "98414", "0774582658", "1986-08-15", "Female"));
+        persons.add(new Person("Sudath", "63874", "0782463598", "1970-04-02", "Male"));
+        persons.add(new Person("Hasini", "25896", "0725896354", "1991-10-20", "Female"));
         return persons;
     }
 
+    public static boolean authenticate(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
+        String username = request.getParameter("username");
+        String password = request.getParameter("password");
+        if ((username != null) && (password != null) && (username.equals("admin")) && (password.equals("123"))) {
+            String newSessionId = UUID.randomUUID().toString();
+            session.setAttribute("session_id", newSessionId);
+            Cookie newCookie = new Cookie("session_id", newSessionId);
+            response.addCookie(newCookie);
+            return true;
+        } else {
+            try {
+                Cookie sessionCookie = null;
+                Cookie[] cookies = request.getCookies();
+                for (Cookie cookie : cookies) {
+                    if (cookie.getName().equals("session_id")) {
+                        sessionCookie = cookie;
+                    }
+                }
+                if (sessionCookie != null) {
+                    String sessionId = session.getAttribute("session_id").toString();
+                    if (sessionId.equals(sessionCookie.getValue())) {
+                        return true;
+                    }
+                }
+                return false;
+            } catch (NullPointerException e) {
+                return false;
+            }
+        }
+    }
+
 }
diff --git a/CL-BSCSD-22-03/my-web-app1/src/main/webapp/index.jsp b/CL-BSCSD-22-03/my-web-app1/src/main/webapp/index.jsp
index 2ea3277..25b5b95 100644
--- a/CL-BSCSD-22-03/my-web-app1/src/main/webapp/index.jsp
+++ b/CL-BSCSD-22-03/my-web-app1/src/main/webapp/index.jsp
@@ -14,6 +14,10 @@
         <title>JSP Page</title>
     </head>
     <body>
+        <%
+
+            if (Utill.authenticate(request, response, session)) {
+        %>
         <table border="1">
             <thead>
                 <tr>
@@ -26,18 +30,30 @@
             </thead>
             <tbody>
                 <%
-                    Utill utill = new Utill();
-                    for (Person p : utill.getPersons()) {
+                    for (Person p : Utill.getPersons()) {
                 %>
                 <tr>
                     <td><%= p.getNic()%></td>
-                    <td><%= p.getName() %></td>
+                    <td><%= p.getName()%></td>
                     <td><%= p.getDateOfBirth()%></td>
                     <td><%= p.getGender()%></td>
                     <td><%= p.getMobile()%></td>
                 </tr>
-                <% } %>
+                <%
+                    }
+                %>
             </tbody>
         </table>
+        <br>
+        <br>
+        <br>
+        <form action="logout.jsp" method="POST">
+            <input type="submit" value="Logout" />
+        </form>
+        <%
+            } else {
+                response.sendRedirect("login.jsp");
+            }
+        %>
     </body>
 </html>
diff --git a/CL-BSCSD-22-03/my-web-app1/src/main/webapp/login.jsp b/CL-BSCSD-22-03/my-web-app1/src/main/webapp/login.jsp
new file mode 100644
index 0000000..e890cb3
--- /dev/null
+++ b/CL-BSCSD-22-03/my-web-app1/src/main/webapp/login.jsp
@@ -0,0 +1,32 @@
+<%-- 
+    Document   : login
+    Created on : Aug 15, 2021, 4:59:23 PM
+    Author     : Chanaka
+--%>
+
+<%@page import="oop.Utill"%>
+<%@page contentType="text/html" pageEncoding="UTF-8"%>
+<!DOCTYPE html>
+<%
+    if (Utill.authenticate(request, response, session)) {
+        response.sendRedirect("./");
+    } else {
+%>
+<html>
+    <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+        <title>JSP Page</title>
+    </head>
+    <body>
+        <form action="index.jsp" method="POST">
+            <label>Username :</label>
+            <input type="text" name="username"><br/>
+            <label>Password :</label>
+            <input type="password" name="password"><br/>
+            <input type="submit" value="Login">
+        </form>
+    </body>
+</html>
+<%
+    }
+%>
diff --git a/CL-BSCSD-22-03/my-web-app1/src/main/webapp/logout.jsp b/CL-BSCSD-22-03/my-web-app1/src/main/webapp/logout.jsp
new file mode 100644
index 0000000..360eeaa
--- /dev/null
+++ b/CL-BSCSD-22-03/my-web-app1/src/main/webapp/logout.jsp
@@ -0,0 +1,10 @@
+<%-- 
+    Document   : logout.jsp
+    Created on : Aug 29, 2021, 12:17:48 PM
+    Author     : Chanaka
+--%>
+
+<%
+    session.invalidate();
+    response.sendRedirect("./login.jsp");
+%>