This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
My suggestion would be to keep your login form as a regular, non-struts jsp and register it in the web.xml file, just as you do with your non-struts applications. Once the user is authenticated, you can use the J2EE security APIs within your action class to verify roles, etc.
When you write a struts application, not every page has to use struts html tags.