diff --git a/browser/views.py b/browser/views.py
index 7c1d55a..dcb3bd3 100755
--- a/browser/views.py
+++ b/browser/views.py
@@ -1,6 +1,8 @@
 import os
 from django.http import Http404
 from django.shortcuts import render_to_response
+from django.template import RequestContext
+from django.contrib.auth.decorators import permission_required
 from codereview.dashboard.models import Repository
 from codereview.browser import vcs
 
@@ -37,12 +39,16 @@ def _log_data(request, repo, ref, path=None):
             'newer': newer,
             'older': older,
             }
+@permission_required('dashboard.browse')
 def log(request, repository, path=None):
     repo, ref = _repo(request, repository)
-    data = {'repository': repository}
+    data = RequestContext(request, {
+        'repository': repository
+    })
     data.update(_log_data(request, repo, ref, path))
     data.update(_nav_data(request, repo, ref, path))
     return render_to_response('browser/log.html', data)
+@permission_required('dashboard.browse')
 def commit(request, repository, ref):
     try:
         repository = Repository.objects.get(name=repository)
@@ -52,20 +58,21 @@ def commit(request, repository, ref):
     commit = repo.commit(ref)
     diffs = repo.diff(ref)
 
-    return render_to_response('browser/view.html',
-            {
-                'repository': repository,
-                'repo': repo,
-                'ref': ref,
-                'commit': commit,
-                'diffs': diffs,
-            })
+    data = RequestContext(request, {
+        'repository': repository,
+        'repo': repo,
+        'ref': ref,
+        'commit': commit,
+        'diffs': diffs,
+    })
+    return render_to_response('browser/view.html', data)
+@permission_required('dashboard.browse')
 def blob(request, repository, path):
     repo, ref = _repo(request, repository)
-    data = {
+    data = RequestContext(request, {
         'repository': repository,
         'blob': repo.blob(ref, path),
-        }
+    })
     data.update(_log_data(request, repo, ref, path))
     data.update(_nav_data(request, repo, ref, os.path.dirname(path)))
     return render_to_response('browser/blob.html', data)
diff --git a/dashboard/auth.py b/dashboard/auth.py
new file mode 100644
index 0000000..c45e809
--- /dev/null
+++ b/dashboard/auth.py
@@ -0,0 +1,21 @@
+import pam
+from django.contrib.auth.models import User, Group
+
+class PAMBackend:
+    def authenticate(self, username=None, password=None):
+        if pam.authenticate(username, password, service='login'):
+            try:
+                return User.objects.get(username=username)
+            except User.DoesNotExist:
+                # Create new django user
+                user = User(username=username)
+                user.set_password(password)
+                user.save()
+                user.groups.add(Group.objects.get(name='Users'))
+                return user
+        return None
+    def get_user(self, user_id):
+        try:
+            return User.objects.get(pk=user_id)
+        except User.DoesNotExist:
+            return None
diff --git a/dashboard/fixtures/groups.json b/dashboard/fixtures/groups.json
new file mode 100644
index 0000000..829b37c
--- /dev/null
+++ b/dashboard/fixtures/groups.json
@@ -0,0 +1,12 @@
+[
+    {
+        "pk": 1,
+        "model": "auth.group",
+        "fields": {
+            "name": "Users",
+            "permissions": [
+                ["browse", "dashboard", "repository"]
+            ]
+        }
+    }
+]
diff --git a/dashboard/models.py b/dashboard/models.py
index 0826503..077b366 100755
--- a/dashboard/models.py
+++ b/dashboard/models.py
@@ -5,5 +5,10 @@ class Repository(models.Model):
     path = models.CharField(max_length=255)
     type = models.IntegerField(default=0)
 
+    class Meta:
+        permissions = (
+            ("browse", "Browse repositories"),
+        )
+
     def __unicode__(self):
         return self.name
diff --git a/dashboard/urls.py b/dashboard/urls.py
new file mode 100644
index 0000000..7429b4c
--- /dev/null
+++ b/dashboard/urls.py
@@ -0,0 +1,6 @@
+from django.conf.urls.defaults import *
+
+urlpatterns = patterns('',
+    (r'^login/$', 'django.contrib.auth.views.login'),
+    (r'^logout/$', 'django.contrib.auth.views.logout'),
+)
diff --git a/dashboard/views.py b/dashboard/views.py
index 36c16d6..7a650cd 100755
--- a/dashboard/views.py
+++ b/dashboard/views.py
@@ -1,9 +1,14 @@
 from django.shortcuts import render_to_response
+from django.template import RequestContext
+from django.contrib.auth.decorators import permission_required
 from codereview.dashboard.models import Repository
 
+@permission_required('dashboard.browse')
 def index(request):
     """ List available repositories
     """
     repositories = Repository.objects.all()
-    return render_to_response('dashboard/index.html',
-            {'repositories': repositories})
+    data = RequestContext(request, {
+        'repositories': repositories,
+    })
+    return render_to_response('dashboard/index.html', data) 
diff --git a/settings.py b/settings.py
index b10e1be..cf27ca6 100755
--- a/settings.py
+++ b/settings.py
@@ -76,6 +76,13 @@ MIDDLEWARE_CLASSES = (
 )
 
 ROOT_URLCONF = 'codereview.urls'
+LOGIN_URL = '/dashboard/login/'
+LOGIN_REDIRECT_URL = '/'
+
+AUTHENTICATION_BACKENDS = (
+    'django.contrib.auth.backends.ModelBackend',
+    'codereview.dashboard.auth.PAMBackend',
+)
 
 TEMPLATE_DIRS = (
     # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
diff --git a/templates/layouts/default.html b/templates/layouts/default.html
index 0f7b7b2..67bc06c 100644
--- a/templates/layouts/default.html
+++ b/templates/layouts/default.html
@@ -11,7 +11,13 @@
     <body>
         <div id="container">
             <div class="header">
-                <h1><a href="{% url codereview.dashboard.views.index %}">CodeReview</a></title>
+                <h1><a href="{% url codereview.dashboard.views.index %}">CodeReview</a></title></h1>
+                {% if user and user.is_authenticated %}
+                    Currently logged in as
+                    {{ user }}
+
+                    <a href="{% url django.contrib.auth.views.logout %}">Log Out</a>
+                {% endif %}
             </div>
             <div class="navigation">
                 {% block navigation %}
diff --git a/templates/registration/logged_out.html b/templates/registration/logged_out.html
new file mode 100644
index 0000000..597a3c9
--- /dev/null
+++ b/templates/registration/logged_out.html
@@ -0,0 +1,5 @@
+{% extends "layouts/default.html" %}
+{% block content %}
+    <p>You have been logged out.</p>
+    <a href="{% url django.contrib.auth.views.login %}">Log back in</a>
+{% endblock %}
diff --git a/templates/registration/login.html b/templates/registration/login.html
new file mode 100644
index 0000000..1d107a2
--- /dev/null
+++ b/templates/registration/login.html
@@ -0,0 +1,23 @@
+{% extends "layouts/default.html" %}
+
+{% block content %}
+
+{% if form.errors %}
+    <p>Username or password is incorrect</p>
+{% endif %}
+
+<form method="post" action="{% url django.contrib.auth.views.login %}">
+    {% csrf_token %}
+    <fieldset>
+        <dl>
+            <dt>{{ form.username.label_tag }}</dt>
+            <dd>{{ form.username }}</dd>
+            <dt>{{ form.password.label_tag }}</dt>
+            <dd>{{ form.password }}</dd>
+        </dl>
+        <input type="submit" value="Login" />
+        <input type="hidden" name="next" value="{{ next }}" />
+    </fieldset>
+</form>
+
+{% endblock %}
diff --git a/urls.py b/urls.py
index 5411d6f..666995f 100755
--- a/urls.py
+++ b/urls.py
@@ -10,6 +10,8 @@ urlpatterns = patterns('',
     (r'^$', 'codereview.dashboard.views.index'),
     (r'^browser/', include('codereview.browser.urls')),
 
+    (r'^dashboard/', include('codereview.dashboard.urls')),
+
     # Uncomment the admin/doc line below and add 'django.contrib.admindocs' 
     # to INSTALLED_APPS to enable admin documentation:
     # (r'^admin/doc/', include('django.contrib.admindocs.urls')),