diff --git a/build.gradle b/build.gradle
index 016b65c..6948fcb 100644
--- a/build.gradle
+++ b/build.gradle
@@ -51,6 +51,9 @@ dependencies {
 	implementation 'org.apache.tiles:tiles-api:3.0.8'
 	implementation 'org.apache.tiles:tiles-core:3.0.8'
 
+	// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-aop
+	implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop', version: '2.5.0'
+
 
 }
 tasks.named('test') {
diff --git a/src/main/java/com/no1/wms/account/AccountController.java b/src/main/java/com/no1/wms/account/AccountController.java
index fdcf617..606fe97 100644
--- a/src/main/java/com/no1/wms/account/AccountController.java
+++ b/src/main/java/com/no1/wms/account/AccountController.java
@@ -22,6 +22,7 @@ public class AccountController {
 
     @Autowired
     AccountService accountService;
+
     @Autowired
     AuthorityService authorityService;
 
@@ -75,6 +76,7 @@ public class AccountController {
         return mav;
     }
 
+
     @PostMapping("/update_process")
     @ResponseBody
     public String updateProcess(@RequestBody Map<String, Object> data, Gson gson){
@@ -99,6 +101,15 @@ public class AccountController {
         return gson.toJson("s");
     }
 
+    @PostMapping("/delete_process")
+    @ResponseBody
+    public String deleteProcess(AccountDto dto, Gson gson){
+        accountService.delete(dto);
+
+        return gson.toJson("s");
+    }
+
+
     @PostMapping("/show_modal")
     public ModelAndView showModal(ModelAndView mav, @RequestParam(defaultValue = "") String search,
                                   @RequestParam(defaultValue = "0") int start, @RequestParam String name){
diff --git a/src/main/java/com/no1/wms/account/AccountMapper.java b/src/main/java/com/no1/wms/account/AccountMapper.java
index 04481b4..0be0ebd 100644
--- a/src/main/java/com/no1/wms/account/AccountMapper.java
+++ b/src/main/java/com/no1/wms/account/AccountMapper.java
@@ -28,5 +28,7 @@ public interface AccountMapper {
 
     int resetPassword(AccountDto dto);
 
+    int delete(AccountDto dto);
 
+    AccountDto selectByLogin(AccountDto dto);
 }
diff --git a/src/main/java/com/no1/wms/account/AccountService.java b/src/main/java/com/no1/wms/account/AccountService.java
index 59aeaa2..fe299eb 100644
--- a/src/main/java/com/no1/wms/account/AccountService.java
+++ b/src/main/java/com/no1/wms/account/AccountService.java
@@ -61,6 +61,12 @@ public class AccountService {
         return mapper.resetPassword(dto);
     }
 
+    int delete(AccountDto dto){
+        return mapper.delete(dto);
+    }
 
+    public AccountDto selectByLogin(AccountDto dto){
+           return mapper.selectByLogin(dto);
+    }
 
 }
diff --git a/src/main/java/com/no1/wms/base/AuthAspect.java b/src/main/java/com/no1/wms/base/AuthAspect.java
new file mode 100644
index 0000000..4e72e2d
--- /dev/null
+++ b/src/main/java/com/no1/wms/base/AuthAspect.java
@@ -0,0 +1,133 @@
+package com.no1.wms.base;
+
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import lombok.Getter;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.context.request.ServletWebRequest;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.ModelAndViewDefiningException;
+import org.springframework.web.servlet.view.RedirectView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+import java.util.Objects;
+
+@Aspect
+@Component
+public class AuthAspect {
+
+
+
+    @Around("execution(* com.no1.wms.*.*Controller.*(..))")
+    public Object before(ProceedingJoinPoint joinPoint) throws Throwable {
+        ServletRequestAttributes sa = (ServletRequestAttributes)RequestContextHolder.currentRequestAttributes();
+        HttpServletRequest request = sa.getRequest();
+        HttpServletResponse response = sa.getResponse();
+        HttpSession session = request.getSession();
+        HashMap<String, AuthData> auth = (HashMap<String, AuthData>) session.getAttribute("authSession");
+        if(auth == null){
+            auth = test(request);
+        }
+        String targetController = joinPoint.getTarget().toString().toLowerCase();
+        String[] list = targetController.split("\\.");
+
+        String packageName = list[3];
+        if(packageName.equals("login")) {
+            return joinPoint.proceed();
+        }
+
+
+
+        if(session.getAttribute("userData") == null){
+            response.sendRedirect("/login");
+            return joinPoint.proceed();
+        }
+
+
+
+        AuthData authData = auth.get(packageName);
+        if(packageName.equals("base")){
+            return joinPoint.proceed();
+        }else if( authData != null ){
+            String methodName = joinPoint.getSignature().getName().toLowerCase();
+            if((methodName.startsWith("list") || methodName.startsWith("read")) && !authData.read){
+                throw new Exception();
+            }else if(methodName.startsWith("create") && !authData.create){
+                throw new Exception();
+            }else if(methodName.startsWith("update") && !authData.update){
+                throw new Exception();
+            }else if(methodName.startsWith("delete") && !authData.delete){
+                throw new Exception();
+            }
+
+        }else{
+            throw new Exception();
+        }
+
+        return joinPoint.proceed();
+    }
+    @Autowired
+    AccountService accountService;
+    @Autowired
+    AuthorityService authorityService;
+
+    private HashMap<String, AuthData> test(HttpServletRequest request){
+        AccountDto data = new AccountDto();
+        AuthorityDto authDto = new AuthorityDto();
+        data.setPassword("11232");
+        data.setEmployeeNumber("11232");
+        HttpSession session = request.getSession();
+
+        AccountDto dto = accountService.selectByLogin(data);
+        if(dto.getPassword().equals(data.getPassword())){
+            authDto.setId(dto.getPersonalAuthorityId());
+            authDto = authorityService.selectById(authDto);
+            session.setAttribute("userData", dto);
+            HashMap<String, AuthData> auth = new HashMap<>();
+            auth.put("account", getAuthArrayFromInt(authDto.getAccount()));
+            auth.put("authority", getAuthArrayFromInt(authDto.getAuthority()));
+            auth.put("category",getAuthArrayFromInt(authDto.getProductCategory()));
+            auth.put("product",getAuthArrayFromInt(authDto.getProduct()));
+            auth.put("price",getAuthArrayFromInt(authDto.getPrices())); //prices
+            auth.put("vendor",getAuthArrayFromInt(authDto.getVendor()));
+            auth.put("warehouse",getAuthArrayFromInt(authDto.getWarehouse()));
+            auth.put("stock",getAuthArrayFromInt(authDto.getStock()));
+            auth.put("in",getAuthArrayFromInt(authDto.getProductIn())); //prodcut_in
+            auth.put("out",getAuthArrayFromInt(authDto.getProductOut())); //product_out
+            auth.put("board",getAuthArrayFromInt(authDto.getBoard()));
+            session.setAttribute("authSession", auth);
+            return auth;
+        }
+        return null;
+    }
+    private AuthData getAuthArrayFromInt(int value){
+        AuthData data = new AuthData();
+        if( (value & 1) > 0){
+            data.setDelete(true);
+        }
+        if( (value & 2) > 0){
+            data.setUpdate(true);
+        }
+        if( (value & 4) > 0){
+            data.setCreate(true);
+        }
+        if( (value & 8) > 0){
+            data.setRead(true);
+        }
+
+        return data;
+    }
+}
diff --git a/src/main/java/com/no1/wms/base/AuthData.java b/src/main/java/com/no1/wms/base/AuthData.java
new file mode 100644
index 0000000..a096966
--- /dev/null
+++ b/src/main/java/com/no1/wms/base/AuthData.java
@@ -0,0 +1,12 @@
+package com.no1.wms.base;
+
+import lombok.Data;
+
+@Data
+public class AuthData {
+
+    boolean read = false;
+    boolean create = false;
+    boolean update = false;
+    boolean delete = false;
+}
diff --git a/src/main/java/com/no1/wms/base/BaseController.java b/src/main/java/com/no1/wms/base/BaseController.java
index ffc5173..f6a8e57 100644
--- a/src/main/java/com/no1/wms/base/BaseController.java
+++ b/src/main/java/com/no1/wms/base/BaseController.java
@@ -1,12 +1,30 @@
 package com.no1.wms.base;
 
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
 
 @Controller
 public class BaseController {
+
     @GetMapping("/")
-    public String base(){
-        return "base/hello";
+    public ModelAndView base(HttpServletRequest request, ModelAndView mav){
+
+        mav.addObject("userData", request.getSession().getAttribute("userData"));
+
+        mav.setViewName("base/hello");
+
+        return mav;
     }
+
+
 }
diff --git a/src/main/java/com/no1/wms/base/WebConfig.java b/src/main/java/com/no1/wms/base/WebConfig.java
index 60ed3bd..7348249 100644
--- a/src/main/java/com/no1/wms/base/WebConfig.java
+++ b/src/main/java/com/no1/wms/base/WebConfig.java
@@ -4,12 +4,14 @@ package com.no1.wms.base;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.view.tiles3.TilesConfigurer;
 import org.springframework.web.servlet.view.tiles3.TilesView;
 import org.springframework.web.servlet.view.tiles3.TilesViewResolver;
 
 @Configuration
+@EnableAspectJAutoProxy
 public class WebConfig implements WebMvcConfigurer {
 
     @Bean
diff --git a/src/main/java/com/no1/wms/login/LoginController.java b/src/main/java/com/no1/wms/login/LoginController.java
index d536a04..33e3535 100644
--- a/src/main/java/com/no1/wms/login/LoginController.java
+++ b/src/main/java/com/no1/wms/login/LoginController.java
@@ -1,15 +1,86 @@
 package com.no1.wms.login;
 
+import com.google.gson.Gson;
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import com.no1.wms.base.AuthData;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpRequest;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+
 @Controller
 public class LoginController {
+
+    @Autowired
+    AccountService accountService;
+
+    @Autowired
+    AuthorityService authorityService;
+
     @GetMapping("/login")
-    public ModelAndView login(ModelAndView mav){
-        mav.setViewName("login");
-        return mav;
+    public String loginPage(){
+        return "login";
+    }
+
+
+
+
+    @PostMapping("/login/check_password")
+    @ResponseBody
+    public String login(AccountDto data, AuthorityDto authDto, Gson gson,  HttpServletRequest request){
+        HttpSession session = request.getSession();
+
+        AccountDto dto = accountService.selectByLogin(data);
+        if(dto.getPassword().equals(data.getPassword())){
+            authDto.setId(dto.getPersonalAuthorityId());
+            authDto = authorityService.selectById(authDto);
+            session.setAttribute("userData", dto);
+            HashMap<String, AuthData> auth = new HashMap<>();
+            auth.put("account", getAuthArrayFromInt(authDto.getAccount()));
+            auth.put("authority", getAuthArrayFromInt(authDto.getAuthority()));
+            auth.put("category",getAuthArrayFromInt(authDto.getProductCategory()));
+            auth.put("product",getAuthArrayFromInt(authDto.getProduct()));
+            auth.put("price",getAuthArrayFromInt(authDto.getPrices())); //prices
+            auth.put("vendor",getAuthArrayFromInt(authDto.getVendor()));
+            auth.put("warehouse",getAuthArrayFromInt(authDto.getWarehouse()));
+            auth.put("stock",getAuthArrayFromInt(authDto.getStock()));
+            auth.put("in",getAuthArrayFromInt(authDto.getProductIn())); //prodcut_in
+            auth.put("out",getAuthArrayFromInt(authDto.getProductOut())); //product_out
+            auth.put("board",getAuthArrayFromInt(authDto.getBoard()));
+            session.setAttribute("authSession", auth);
+            return gson.toJson("s");
+        }
+
+        return gson.toJson("f");
+    }
+
+    private AuthData getAuthArrayFromInt(int value){
+        AuthData data = new AuthData();
+        if( (value & 1) > 0){
+            data.setDelete(true);
+        }
+        if( (value & 2) > 0){
+            data.setUpdate(true);
+        }
+        if( (value & 4) > 0){
+            data.setCreate(true);
+        }
+        if( (value & 8) > 0){
+            data.setRead(true);
+        }
+
+        return data;
     }
 
 }
diff --git a/src/main/resources/mappers/AccountMapper.xml b/src/main/resources/mappers/AccountMapper.xml
index 31d1fe0..d82361c 100644
--- a/src/main/resources/mappers/AccountMapper.xml
+++ b/src/main/resources/mappers/AccountMapper.xml
@@ -48,6 +48,13 @@
         and dept.id = acc.department_id and acc.position_id = pos.id
         where acc.id = #{id}
     </select>
+    <select id="selectByLogin" resultMap="accountResultMap" parameterType="accountDto">
+        SELECT
+            id, name, activation, password,
+            personal_authority_id , group_authority_id
+        from account
+        where employee_number = #{employeeNumber} and password = #{password}
+    </select>
 
     <select id="selectAll" resultMap="accountResultMap" parameterType="map">
         SELECT
@@ -124,4 +131,7 @@
              activation = #{activation}
         WHERE id = #{id}
     </update>
+    <update id="delete" parameterType="accountDto">
+        update account SET activation = false WHERE id = #{id}
+    </update>
 </mapper>
\ No newline at end of file
diff --git a/src/main/resources/static/css/base.css b/src/main/resources/static/css/base.css
index 0c6c846..dae36a3 100644
--- a/src/main/resources/static/css/base.css
+++ b/src/main/resources/static/css/base.css
@@ -1,6 +1,10 @@
 .navi-bg {
-    background-color : antiquewhite;
+    background-color : #222831;
 }
+.nav-item a{
+    color : #EEEEEE;
+}
+
 .img-user{
     width : 100%;
 }
diff --git a/src/main/webapp/WEB-INF/views/account/list.jsp b/src/main/webapp/WEB-INF/views/account/list.jsp
index 6c38b62..78dcaf3 100644
--- a/src/main/webapp/WEB-INF/views/account/list.jsp
+++ b/src/main/webapp/WEB-INF/views/account/list.jsp
@@ -27,9 +27,6 @@
         $(".group_tr").on("click", function(event){
             read($(event.currentTarget).data("tid"));
         });
-
-
-
     });
 
     function onSearch(isPersonalSearch){
@@ -59,7 +56,7 @@
     <div class="row">
         <div class="col-12">
             <div class="mt-5 mb-5 text-center">
-                <h1>그룹 권한 관리</h1><form method="post" action="/account/create"><button class="btn btn-primary" type="submit" id="btn_create">생성</button></form>
+                <h1>계정 관리</h1><form method="post" action="/account/create"><button class="btn btn-primary" type="submit" id="btn_create">생성</button></form>
             </div>
             <div>
                 <hr>
@@ -77,7 +74,7 @@
                             </thead>
                             <tbody>
                                 <c:forEach items="${list }" var="dto" varStatus="status">
-                                <tr class="group_tr" data-tid="${dto.id}">
+                                <tr class="group_tr" data-mingu = "111" data-tid="${dto.id}">
                                     <td>${dto.employeeNumber}</td>
                                     <td>${dto.name}</td>
                                     <td>
diff --git a/src/main/webapp/WEB-INF/views/account/read.jsp b/src/main/webapp/WEB-INF/views/account/read.jsp
index 0bc3675..e1d81e1 100644
--- a/src/main/webapp/WEB-INF/views/account/read.jsp
+++ b/src/main/webapp/WEB-INF/views/account/read.jsp
@@ -11,6 +11,7 @@
       alert("재정의 됨");
     }
     */
+
     const tid = '${dto.id}';
     $(function(){
 
@@ -26,6 +27,35 @@
         $(".c_body").after($form);
         $form.submit();
     }
+    function goDelete(){
+        yesNoModalTextDefine("계정 삭제", "해당 계정을 더이상 사용 안하시겠습니까?");
+        $("#yesNoModalLabel").text(yesNoModal.title);
+        $("#yesNoModalBodyTextDiv").text(yesNoModal.body);
+        yesNoModal.yesFunction = deleteProcess;
+        yesNoModalBootStrap.show();
+
+
+    }
+
+    function deleteProcess(){
+        const data = {};
+        data.id = tid;
+
+        $.ajax({
+            type: 'post',           // 타입 (get, post, put 등등)
+            url: '/account/delete_process',           // 요청할 서버url
+            dataType: 'json',       // 데이터 타입 (html, xml, json, text 등등)
+            data: data,
+            success: function (result) { // 결과 성공 콜백함수
+                const $form =$("<form method='get' action='/account/list'></form>");
+                $(".c_body").after($form);
+                $form.submit();
+            },
+            error: function (request, status, error) {
+                alert(error)
+            }
+        });
+    }
     function resetPassword(){
         const data = {};
         data.id = tid;
@@ -93,6 +123,7 @@
             <button class="btn btn-primary" id="password_reset_button" onclick="resetPassword()">비밀번호 리셋</button>
             <button class="btn btn-primary" id="btn_edit" onclick="goUpdate()">수정</button>
             <button class="btn btn-danger" id="btn_exit" onclick="goList()">뒤로</button>
+            <button class="btn btn-danger" id="btn_delete" onclick="goDelete()">삭제</button>
         </div>
     </div>
 </div>
diff --git a/src/main/webapp/WEB-INF/views/base/layout.jsp b/src/main/webapp/WEB-INF/views/base/layout.jsp
index a4fa431..9923e78 100644
--- a/src/main/webapp/WEB-INF/views/base/layout.jsp
+++ b/src/main/webapp/WEB-INF/views/base/layout.jsp
@@ -24,6 +24,8 @@
 <!-- 스크립트 부분 안건들여도됨-->
 <script>
     let searchModalBootStrap;
+    let yesNoModalBootStrap;
+    let featherLoad = false;
     $(function(){
         //네비게이션 관련
         const $listNavLink = $("a.nav-link");
@@ -36,7 +38,7 @@
         //네비게이션 관련 끝
 
         //yes no 모달 관련
-        const yesNoModalBootStrap = new bootstrap.Modal("#yes_no_modal");
+        yesNoModalBootStrap = new bootstrap.Modal("#yes_no_modal");
         $("#yes_no_modal_show_button").on("click", function(){
             $("#yesNoModalLabel").text(yesNoModal.title);
             $("#yesNoModalBodyTextDiv").text(yesNoModal.body);
@@ -82,7 +84,10 @@
 
 
         //네비게이션 쪽 아이콘만들어 주는 함수
-        feather.replace();
+        if(!featherLoad) {
+            featherLoad = true;
+            feather.replace();
+        }
     });
     /*
        * 검색 팝업 모달 닫는 함수
diff --git a/src/main/webapp/WEB-INF/views/base/navigation.jsp b/src/main/webapp/WEB-INF/views/base/navigation.jsp
index b137332..8ac097c 100644
--- a/src/main/webapp/WEB-INF/views/base/navigation.jsp
+++ b/src/main/webapp/WEB-INF/views/base/navigation.jsp
@@ -1,4 +1,5 @@
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <!-- 네비게이션 쪽 -->
 <div class="col-auto col-md-2 col-xl-2 px-sm-2 px-0 navi-bg">
     <div class="d-flex flex-column align-items-center align-items-sm-start px-3 pt-2 min-vh-100">
@@ -9,76 +10,102 @@
                     <div class="text-center">
                         <img  class="img-user" src="https://academy.ilwoo.org/data/file/reference/3531300541_J1gHPmC6_479f762b4825515abc781b3a616929d8949ea2c5.jpg" alt="유저 이미지">
                         <br>
-                        <p class="user-name">김이박 사원</p>
+                        <p class="user-name">${userData.name}</p>
                     </div>
                 </a>
             </li>
             <hr class="my-3">
+            <c:if test="${authSession.account.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/account/list">
                     <i data-feather="users"></i>계정
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.account.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/password_reset">
                     <i data-feather="key"></i>비밀번호 초기화
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.authority.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2 active" aria-current="page" href="/authority/list">
                     <i data-feather="user"></i>권한
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.category.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/category/list">
                     <i data-feather="user"></i>제품 카테고리
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.product.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/product/list">
                     <i data-feather="box"></i>제품
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.price.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/price/list">
                     <i data-feather="dollar-sign"></i>제품 가격
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.vendor.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/vender/list">
                     <i data-feather="compass"></i>거래처
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.warehouse.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/warehouse/list">
                     <i data-feather="inbox"></i>창고
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.product.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/stock/list">
                     <i data-feather="archive"></i>재고
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.account.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/plan_in/list">
                     <i data-feather="user"></i>입고 예정
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.in.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/in/list">
                     <i data-feather="check"></i>입고
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.out.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/out/list">
                     <i data-feather="truck"></i>출고
                 </a>
             </li>
+            </c:if>
+            <c:if test="${authSession.board.read}">
             <li class="nav-item">
                 <a class="nav-link d-flex align-items-center gap-2" href="/board/list">
                     <i data-feather="list"></i>게시판
                 </a>
             </li>
+            </c:if>
         </ul>
 
         <hr class="my-3">
diff --git a/src/main/webapp/WEB-INF/views/modal/login.jsp b/src/main/webapp/WEB-INF/views/modal/login.jsp
new file mode 100644
index 0000000..fc03255
--- /dev/null
+++ b/src/main/webapp/WEB-INF/views/modal/login.jsp
@@ -0,0 +1,77 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@taglib prefix="tiles" uri="http://tiles.apache.org/tags-tiles"%>
+<!DOCTYPE html>
+<html lang="ko">
+<head>
+
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
+    <script src="https://unpkg.com/feather-icons"></script>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-T3c6CoIi6uLrA9TneNEoa7RxnatzjcDSCmG1MXxSR1GAsXEV/Dwwykc2MPK8M2HN" crossorigin="anonymous">
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-C6RzsynM9kWDrMNeT87bh95OGNyZPhcTNXj1NW7RuBCsyN/o0jlpcV8Qyq46cDfL" crossorigin="anonymous"></script>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>No1 WMS</title>
+    <style>
+        .form-signin {
+            width: 100%;
+            max-width: 330px;
+            padding: 15px;
+            margin: auto;
+        }
+        body{
+            display: flex;
+            align-items: center;
+            padding-top: 40px;
+            padding-bottom: 40px;
+            background-color: #f5f5f5;
+        }
+
+
+    </style>
+
+</head>
+<body class="text-center">
+<script>
+    function onLogin(){
+        const data={};
+        data.employeeNumber=$("#employ_number").val();
+        data.password=$("#password").val();
+        $.ajax({
+            type: 'post',           // 타입 (get, post, put 등등)
+            url: '/login/check_password',           // 요청할 서버url
+            dataType: 'json',       // 데이터 타입 (html, xml, json, text 등등)
+            data: data,
+            success: function (result) { // 결과 성공 콜백함수
+                window.location.href = "/";
+            },
+            error: function (request, status, error) {
+                alert(error);
+            }
+        });
+    }
+</script>
+<main class="form-signin">
+        <img class="mb-4" src="/docs/5.0/assets/brand/bootstrap-logo.svg" alt="" width="72" height="57">
+        <h1 class="h3 mb-3 fw-normal">Please sign in</h1>
+
+        <div class="form-floating">
+            <input type="text" class="form-control" id="employ_number" name="employeeNumber" placeholder="사번">
+            <label for="employ_number">사번</label>
+        </div>
+        <div class="form-floating">
+            <input type="password" name="password" class="form-control" id="password" placeholder="비밀번호">
+            <label for="password">비밀번호</label>
+        </div>
+
+        <div class="checkbox mb-3">
+            <label>
+                <a href="/">비밀번호를 잊으셨나요?</a>
+            </label>
+        </div>
+        <button class="w-100 btn btn-lg btn-primary" type="button" onclick="onLogin()">로그인</button>
+        <p class="mt-5 mb-3 text-muted">© 2023–2024</p>
+</main>
+
+</body>
+</html>
\ No newline at end of file