the use of some code on the server that would check a submitted username/password combination against a database of authorised users.
If you simply want to log people in and out, and you aren't protecting very sensitive information you can do it very easily by using readily available software.
click here for details of one widely-used method.
and click here for something slightly different.
There are other, more robust methods, and if you need that level of protection post again in this thread, and one of us will explain how to do it.