This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
The preferred way to implement security in Struts is to use JEE declarative security (see here) or a third-party product like Spring Security.
Rolling your own, while possible, is asking for security exploits.