diff --git a/pom.xml b/pom.xml
index e4fef9d4a3e1ad209bd9689107691de22468b410..6745044192e9ff0301d77dc9544205d2c3e157a4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -45,6 +45,12 @@
 			<artifactId>mysql-connector-java</artifactId>
 			<version>5.1.28</version>
 		</dependency>
+
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>1.9</version>
+		</dependency>
 	</dependencies>
 
 	<build>
diff --git a/src/main/java/es/uvigo/esei/daa/LoginFilter.java b/src/main/java/es/uvigo/esei/daa/LoginFilter.java
new file mode 100644
index 0000000000000000000000000000000000000000..e8c158683d79c6558cb40dd7642c2868ea26daf3
--- /dev/null
+++ b/src/main/java/es/uvigo/esei/daa/LoginFilter.java
@@ -0,0 +1,113 @@
+package es.uvigo.esei.daa;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import es.uvigo.esei.daa.dao.DAOException;
+import es.uvigo.esei.daa.dao.UsersDAO;
+
+public class LoginFilter implements Filter {
+	@Override
+	public void doFilter(
+		ServletRequest request, 
+		ServletResponse response,
+		FilterChain chain
+	) throws IOException, ServletException {
+		final HttpServletRequest httpRequest = (HttpServletRequest) request;
+		final HttpServletResponse httpResponse = (HttpServletResponse) response;
+		
+		if (isLogoutPath(httpRequest)) {
+			removeCookie(httpResponse);
+			redirectToIndex(httpRequest, httpResponse);
+		} else if (isIndexPath(httpRequest) ||
+			checkLogin(httpRequest, httpResponse) ||
+			checkToken(httpRequest)
+		) {
+			chain.doFilter(request, response);
+		} else {
+			redirectToIndex(httpRequest, httpResponse);
+		}
+	}
+
+	private void redirectToIndex(
+		HttpServletRequest httpRequest,
+		HttpServletResponse httpResponse
+	) throws IOException {
+		httpResponse.sendRedirect(httpRequest.getContextPath() + "/index.html");
+	}
+	
+	private void removeCookie(HttpServletResponse httpResponse) {
+		final Cookie cookie = new Cookie("token", "");
+		cookie.setMaxAge(0);
+		httpResponse.addCookie(cookie);
+	}
+	
+	private boolean isLogoutPath(HttpServletRequest httpRequest) {
+		return httpRequest.getServletPath().equals("/logout");
+	}
+	
+	private boolean isIndexPath(HttpServletRequest httpRequest) {
+		return httpRequest.getServletPath().equals("/index.html");
+	}
+	
+	private boolean checkLogin(HttpServletRequest httpRequest, HttpServletResponse response) {
+		final String login = httpRequest.getParameter("login");
+		final String password = httpRequest.getParameter("password");
+		
+		if (login != null && password != null) {
+			try {
+				final UsersDAO dao = new UsersDAO();
+				final String token = dao.checkLogin(login, password);
+				
+				if (token == null) {
+					return false;
+				} else {
+					response.addCookie(new Cookie("token", token));
+					
+					return true;
+				}
+			} catch (DAOException e) {
+				e.printStackTrace();
+				return false;
+			}
+		} else {
+			return false;
+		}
+	}
+	
+	private boolean checkToken(HttpServletRequest httpRequest) {
+		final Cookie[] cookies = httpRequest.getCookies();
+		
+		if (cookies != null) {
+			for (Cookie cookie : cookies) {
+				if (cookie.getName().equals("token")) {
+					try {
+						return new UsersDAO().checkToken(cookie.getValue()) != null;
+					} catch (DAOException e) {
+						e.printStackTrace();
+						return false;
+					}
+				}
+			}
+		}
+		
+		return false;
+	}
+
+	@Override
+	public void init(FilterConfig config) throws ServletException {
+	}
+
+	@Override
+	public void destroy() {
+	}
+}
diff --git a/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java b/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java
new file mode 100644
index 0000000000000000000000000000000000000000..66ef5c2495b9ac8b75a8b588b5cfcd61a0a9f177
--- /dev/null
+++ b/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java
@@ -0,0 +1,58 @@
+package es.uvigo.esei.daa.dao;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+import org.apache.commons.codec.digest.DigestUtils;
+
+public class UsersDAO extends DAO {
+	public String checkLogin(String login, String password) throws DAOException {
+		final String shaPassword = DigestUtils.sha256Hex(password);
+
+		try (final Connection conn = this.getConnection()) {
+			final String query = "SELECT password FROM users WHERE login=?";
+			
+			try (PreparedStatement statement = conn.prepareStatement(query)) {
+				statement.setString(1, login);
+				
+				try (ResultSet result = statement.executeQuery()) {
+					if (result.next()) {
+						final String dbPassword = result.getString("password");
+						
+						if (shaPassword.equals(dbPassword)) {
+							return DigestUtils.sha256Hex(login + dbPassword);
+						} else {
+							return null;
+						}
+					} else {
+						return null;
+					}
+				}
+			}
+		} catch (SQLException e) {
+			throw new DAOException(e);
+		}
+	}
+	
+	public String checkToken(String token) throws DAOException {
+		try (final Connection conn = this.getConnection()) {
+			final String query = "SELECT login FROM users WHERE sha2(concat(login, password), 256)=?";
+			
+			try (PreparedStatement statement = conn.prepareStatement(query)) {
+				statement.setString(1, token);
+				
+				try (ResultSet result = statement.executeQuery()) {
+					if (result.next()) {
+						return result.getString("login");
+					} else {
+						return null;
+					}
+				}
+			}
+		} catch (SQLException e) {
+			throw new DAOException(e);
+		}
+	}
+}
diff --git a/src/main/resources/mysql-with-inserts.sql b/src/main/resources/mysql-with-inserts.sql
new file mode 100644
index 0000000000000000000000000000000000000000..2210aa571f822aafa6db4715d625d45c64101a06
--- /dev/null
+++ b/src/main/resources/mysql-with-inserts.sql
@@ -0,0 +1,27 @@
+CREATE DATABASE `daaexample`;
+
+CREATE TABLE `daaexample`.`people` (
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(50) DEFAULT NULL,
+	`surname` varchar(100) DEFAULT NULL,
+	PRIMARY KEY (`id`)
+);
+
+CREATE TABLE `daaexample`.`users` (
+	`login` varchar(100) NOT NULL,
+	`password` varbinary(64) DEFAULT NULL,
+	PRIMARY KEY (`login`)
+);
+
+GRANT ALL ON `daaexample`.* TO 'daa'@'localhost' IDENTIFIED BY 'daa';
+
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Antón','Pérez');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Manuel','Martínez');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Laura','Reboredo');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Perico','Palotes');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Ana','María');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'María','Nuevo');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Alba','Fernández');
+INSERT INTO `daaexample`.`people` (`id`,`name`,`surname`) VALUES (0,'Asunción','Jiménez');
+
+INSERT INTO `daaexample`.`users` (`login`,`password`) VALUES ('mrjato', '59189332a4abf8ddf66fde068cad09eb563b4bd974f7663d97ff6852a7910a73');
diff --git a/src/main/resources/mysql.sql b/src/main/resources/mysql.sql
new file mode 100644
index 0000000000000000000000000000000000000000..88e93d132d2a633ed21b39b0fdd265fc67bd9e0d
--- /dev/null
+++ b/src/main/resources/mysql.sql
@@ -0,0 +1,16 @@
+CREATE DATABASE `daaexample`;
+
+CREATE TABLE `daaexample`.`people` (
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(50) DEFAULT NULL,
+	`surname` varchar(100) DEFAULT NULL,
+	PRIMARY KEY (`id`)
+);
+
+CREATE TABLE `daaexample`.`users` (
+	`login` varchar(100) NOT NULL,
+	`password` varbinary(64) DEFAULT NULL,
+	PRIMARY KEY (`login`)
+);
+
+GRANT ALL ON `daaexample`.* TO 'daa'@'localhost' IDENTIFIED BY 'daa';
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index 8f98f73daf8fc3dd45a1930c5d2955e05e62290c..623a8d2665728ef59ac4cfb18c2bc0a383945357 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -3,7 +3,8 @@
 	xmlns="http://java.sun.com/xml/ns/javaee"
 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 	id="WebApp_ID" version="3.0">
-	<display-name>DAAExampleTMP</display-name>
+	<display-name>DAAExample</display-name>
+	
 	<welcome-file-list>
 		<welcome-file>index.html</welcome-file>
 		<welcome-file>index.htm</welcome-file>
@@ -12,15 +13,18 @@
 		<welcome-file>default.htm</welcome-file>
 		<welcome-file>default.jsp</welcome-file>
 	</welcome-file-list>
+	
 	<resource-ref>
 		<description>DAA Example DB Connection</description>
 		<res-ref-name>jdbc/daaexample</res-ref-name>
 		<res-type>javax.sql.DataSource</res-type>
 		<res-auth>Container</res-auth>
 	</resource-ref>
+	
 	<servlet>
 		<servlet-name>javax.ws.rs.core.Application</servlet-name>
 		<init-param>
+			<!-- Activates JSON automatic conversion in JAX-RS -->
 			<param-name>com.sun.jersey.api.json.POJOMappingFeature</param-name>
 			<param-value>true</param-value>
 		</init-param>
@@ -30,10 +34,12 @@
 		<url-pattern>/rest/*</url-pattern>
 	</servlet-mapping>
 
-	<!-- servlet> <servlet-name>webdav</servlet-name> <servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet-class> 
-		<init-param> <param-name>debug</param-name> <param-value>0</param-value> 
-		</init-param> <init-param> <param-name>listings</param-name> <param-value>false</param-value> 
-		</init-param> <init-param> <param-name>readonly</param-name> <param-value>false</param-value> 
-		</init-param> </servlet> <servlet-mapping> <servlet-name>webdav</servlet-name> 
-		<url-pattern>/*</url-pattern> </servlet-mapping -->
+	<!-- filter>
+		<filter-name>LoginFilter</filter-name>
+		<filter-class>es.uvigo.esei.daa.LoginFilter</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>LoginFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping-->
 </web-app>
\ No newline at end of file
diff --git a/src/main/webapp/index.html b/src/main/webapp/index.html
index 74acdfccfb257dfc41965a0fe151174a01e20b56..87a10ae81d9dafc2c6d4dfbfd59115c261ffd76a 100644
--- a/src/main/webapp/index.html
+++ b/src/main/webapp/index.html
@@ -2,21 +2,13 @@
 <html>
 <head>
 <meta charset="UTF-8">
-<title>DAA Example</title>
+<title>DAA Example - Login</title>
 </head>
 <body>
-	<div id="people-container">
-		<h1>People</h1>
-	</div>
-
-	<script type="text/javascript" src="http://code.jquery.com/jquery-2.1.0.js"></script>
-	<script type="text/javascript" src="js/view/people.js"></script>
-	<script type="text/javascript">
-		$(document).ready(function() {
-			insertPeopleForm($('#people-container'));
-			insertPeopleList($('#people-container'));
-			initPeople();
-		});
-	</script>
+	<form action="main.html" method="POST">
+		<div>Login: <input name="login" type="text"/></div>
+		<div>Password: <input name="password" type="password"/></div>
+		<div><input type="submit" value="Login"/></div>
+	</form>
 </body>
 </html>
\ No newline at end of file
diff --git a/src/main/webapp/js/view/people.js b/src/main/webapp/js/view/people.js
index d459d506b58db045c1f2652bb82185d17f1f72f4..315d965a6af8bcb0fcf24778c1c6fb19df168204 100644
--- a/src/main/webapp/js/view/people.js
+++ b/src/main/webapp/js/view/people.js
@@ -50,6 +50,13 @@ function formToPerson() {
 	};
 }
 
+function personToForm(person) {
+	var form = $(peopleFormQuery);
+	form.find('input[name="id"]').val(person.id);
+	form.find('input[name="name"]').val(person.name);
+	form.find('input[name="surname"]').val(person.surname);
+}
+
 function rowToPerson(id) {
 	var row = $('#person-' + id);
 
@@ -60,13 +67,6 @@ function rowToPerson(id) {
 	};
 }
 
-function personToForm(person) {
-	var form = $(peopleFormQuery);
-	form.find('input[name="id"]').val(person.id);
-	form.find('input[name="name"]').val(person.name);
-	form.find('input[name="surname"]').val(person.surname);
-}
-
 function isEditing() {
 	return $(peopleFormQuery + ' input[name="id"]').val() != "";
 }
diff --git a/src/main/webapp/main.html b/src/main/webapp/main.html
new file mode 100644
index 0000000000000000000000000000000000000000..d8f13844f896e89dae6c647e46323bf952aa9bb1
--- /dev/null
+++ b/src/main/webapp/main.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>DAA Example</title>
+</head>
+<body>
+	<div id="people-container">
+		<h1>People</h1>
+		<a id="#logout" href="logout">Logout</a>
+	</div>
+
+	<script type="text/javascript" src="http://code.jquery.com/jquery-2.1.0.js"></script>
+	<script type="text/javascript" src="js/view/people.js"></script>
+	<script type="text/javascript">
+		$(document).ready(function() {
+			insertPeopleForm($('#people-container'));
+			insertPeopleList($('#people-container'));
+			initPeople();
+		});
+	</script>
+</body>
+</html>
\ No newline at end of file