diff --git a/Gemfile b/Gemfile
index f4df5a0d6..1f7fb3fc5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -31,6 +31,9 @@ gem 'jbuilder', '~> 2.0'
 # Replacement for erb
 gem 'haml-rails', '~> 0.5.3'
+#For XML parsing
+gem 'nokogiri', '~> 1.6.2.1'
+
 group :assets do
 # See https://github.com/sstephenson/execjs#readme for more supported runtimes
 gem 'therubyracer', platforms: :ruby
@@ -61,9 +64,6 @@ group :development, :test do
 # Library to generate fake data
 gem 'faker', '~> 1.3.0'
- #For XML parsing
- gem 'nokogiri', '~> 1.6.2.1'
-
 # For debugging
 gem 'pry'
 gem 'pry-byebug'
diff --git a/app/controllers/epp/sessions_controller.rb b/app/controllers/epp/sessions_controller.rb
index 5f8baf88a..2fa55d020 100644
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@@ -11,6 +11,21 @@ class Epp::SessionsController < ApplicationController
 end
 def login
- render 'login'
+ login_params = parsed_frame.css('epp command login')
+ username = login_params.css('clID').text
+ password = login_params.css('pw').text
+
+ @epp_user = EppUser.find_by(username: username, password: password)
+
+ if @epp_user.try(:active)
+ render 'login_success'
+ else
+ response.headers['X-EPP-Returncode'] = '2200'
+ render 'login_fail'
+ end
+ end
+
+ def parsed_frame
+ Nokogiri::XML(params[:frame]).remove_namespaces!
 end
 end
diff --git a/app/models/epp_user.rb b/app/models/epp_user.rb
new file mode 100644
index 000000000..873699580
--- /dev/null
+++ b/app/models/epp_user.rb
@@ -0,0 +1,3 @@
+class EppUser < ActiveRecord::Base
+ belongs_to :registrar
+end
diff --git a/app/models/registrar.rb b/app/models/registrar.rb
index b77efa067..d7f38202f 100644
--- a/app/models/registrar.rb
+++ b/app/models/registrar.rb
@@ -2,4 +2,5 @@ class Registrar < ActiveRecord::Base
 belongs_to :country
 has_many :domains
 has_many :ns_sets
+ has_many :epp_users
 end
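Review bot: The constraint `'~> 1.6.2.1'` in the first Gemfile hunk only admits 1.6.2.x releases, and with the gem moved out of the development/test group it now parses client-supplied EPP frames in production (see `Nokogiri::XML(params[:frame])` in the sessions controller). A parser fix published in a later release series would need a manual Gemfile edit before `bundle update` could pick it up. Consider a looser constraint such as `gem 'nokogiri', '~> 1.6'` and rely on Gemfile.lock for reproducible installs. The comment could also say what is parsed, e.g. `# XML parsing of incoming EPP frames`.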
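Review bot: `EppUser.find_by(username: username, password: password)` in `login` matches the submitted `pw` against a plaintext column, so every registrar credential is readable by anyone with database or backup access; the same column appears in the `create_epp_users` migration and in `db/schema.rb`. Store only a salted digest (for example a `password_digest` column with `has_secure_password`) and change the lookup to `user = EppUser.find_by(username: username)` followed by `@epp_user = user if user && user.authenticate(password)`. `parsed_frame` is added as a public controller method; placing it under `private` keeps it from being routable as an action. The failure branch sets `X-EPP-Returncode` to `'2200'` while `login_fail` renders result code 2501, so the two should be aligned. The class body starts outside the hunk.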
diff --git a/app/views/epp/sessions/login_fail.xml.builder b/app/views/epp/sessions/login_fail.xml.builder
new file mode 100644
index 000000000..89dfe1b32
--- /dev/null
+++ b/app/views/epp/sessions/login_fail.xml.builder
@@ -0,0 +1,13 @@
+xml.instruct!
+xml.epp('xmlns' => 'urn:ietf:params:xml:ns:epp-1.0', 'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance', 'xsi:schemaLocation' => 'urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd') do
+ xml.response do
+ xml.result('code' => '2501') do
+ xml.msg('Authentication error; server closing connection')
+ end
+ end
+
+ xml.trID do
+ xml.svTRID 'svTrid'
+ xml.clTRID 'wgyn001#10-02-08at13:58:06'
+ end
+end
diff --git a/app/views/epp/sessions/login.xml.builder b/app/views/epp/sessions/login_success.xml.builder
similarity index 81%
rename from app/views/epp/sessions/login.xml.builder
rename to app/views/epp/sessions/login_success.xml.builder
index 52b3545c0..3a5c3cff4 100644
--- a/app/views/epp/sessions/login.xml.builder
+++ b/app/views/epp/sessions/login_success.xml.builder
@@ -2,7 +2,7 @@ xml.instruct!
 xml.epp('xmlns' => 'urn:ietf:params:xml:ns:epp-1.0', 'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance', 'xsi:schemaLocation' => 'urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd') do
 xml.response do
 xml.result('code' => '1000') do
- xml.msg('User test was authenticated. Welcome.', 'lang' => 'en')
+ xml.msg('Command completed successfully', 'lang' => 'en')
 end
 end
diff --git a/db/migrate/20140620130107_create_epp_users.rb b/db/migrate/20140620130107_create_epp_users.rb
new file mode 100644
index 000000000..c120d8a70
--- /dev/null
+++ b/db/migrate/20140620130107_create_epp_users.rb
@@ -0,0 +1,14 @@
+class CreateEppUsers < ActiveRecord::Migration
+ def change
+ create_table :epp_users do |t|
+ t.integer :registrar_id
+ t.string :username
+ t.string :password
+ t.boolean :active, default: false
+ t.text :csr
+ t.text :crt
+
+ t.timestamps
+ end
+ end
+end
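Review bot: The `trID` block in `login_fail.xml.builder` emits fixed strings, `xml.svTRID 'svTrid'` and `xml.clTRID 'wgyn001#10-02-08at13:58:06'`, so every failed login response carries the same transaction identifiers. That makes it impossible to correlate a failed authentication attempt between the client's records and the server's logs. The `clTRID` should echo the value from the request frame and `svTRID` should be a unique server-generated id, for example `xml.clTRID @cl_trid` and `xml.svTRID @sv_trid` assigned in the controller (both variable names are placeholders).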
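Review bot: `t.string :username` in `create_epp_users` has neither `null: false` nor a unique index, while the login lookup uses `find_by`, which returns a single row even when several match. Duplicate or empty usernames would therefore make it ambiguous which account a login resolves to. Suggest `t.string :username, null: false` and, after the `create_table` block, `add_index :epp_users, :username, unique: true`. An index on `registrar_id` would also serve the `has_many :epp_users` association added in `Registrar`.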
diff --git a/db/schema.rb b/db/schema.rb
index 58ddc0139..1ca6da654 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20140616073945) do
+ActiveRecord::Schema.define(version: 20140620130107) do
 # These are extensions that must be enabled in order to support this database
 enable_extension "plpgsql"
@@ -61,6 +61,17 @@ ActiveRecord::Schema.define(version: 20140616073945) do
 t.datetime "updated_at"
 end
+ create_table "epp_users", force: true do |t|
+ t.integer "registrar_id"
+ t.string "username"
+ t.string "password"
+ t.boolean "active", default: false
+ t.text "csr"
+ t.text "crt"
+ t.datetime "created_at"
+ t.datetime "updated_at"
+ end
+
 create_table "nameservers", force: true do |t|
 t.string "name"
 t.string "ip"
diff --git a/spec/epp/session_spec.rb b/spec/epp/session_spec.rb
index 82a62919f..70a0ac885 100644
--- a/spec/epp/session_spec.rb
+++ b/spec/epp/session_spec.rb
@@ -15,13 +15,43 @@ describe 'EPP Session', type: :epp do before(:each) { server.open_connection } after(:each) { server.close_connection } - it 'logs in epp user' do + it 'does not log in with invalid user' do response = Nokogiri::XML(server.send_request(read_body('login.xml'))) + result = response.css('epp response result').first + expect(result[:code]).to eq('2501') + + msg = response.css('epp response result msg').text + expect(msg).to eq('Authentication error; server closing connection') + + Fabricate(:epp_user, active: false) + + response = Nokogiri::XML(server.send_request(read_body('login.xml'))) + result = response.css('epp response result').first + expect(result[:code]).to eq('2501') + end + + it 'logs in epp user' do + Fabricate(:epp_user) + + response = Nokogiri::XML(server.send_request(read_body('login.xml'))) + result = response.css('epp response result').first expect(result[:code]).to eq('1000') msg = response.css('epp response result msg').text - expect(msg).to eq('User test was authenticated. Welcome.') + expect(msg).to eq('Command completed successfully') + end + + it 'does not log in twice' do + Fabricate(:epp_user) + server.send_request(read_body('login.xml')) + response = Nokogiri::XML(server.send_request(read_body('login.xml'))) + + result = response.css('epp response result').first + expect(result[:code]).to eq('2002') + + msg = response.css('epp response result msg').text + expect(msg).to match(/Already logged in. Use/) end end end diff --git a/spec/fabricators/epp_user_fabricator.rb b/spec/fabricators/epp_user_fabricator.rb new file mode 100644 index 000000000..f30013cfe --- /dev/null +++ b/spec/fabricators/epp_user_fabricator.rb @@ -0,0 +1,5 @@ +Fabricator(:epp_user) do + username 'test' + password 'test' + active true +end diff --git a/spec/models/epp_user_spec.rb b/spec/models/epp_user_spec.rb new file mode 100644 index 000000000..a1d5bb7e6 --- /dev/null +++ b/spec/models/epp_user_spec.rb 
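Review bot: 'does not log in with invalid user' covers a missing account and an inactive account, but no example submits a wrong password for an existing active user, which is the branch an authentication change is most likely to break. Add a case that runs `Fabricate(:epp_user, password: 'other')` before the request and expects code `'2501'`; this assumes the `login.xml` fixture sends `test`/`test`, matching the fabricator defaults. The failure examples could also assert the `X-EPP-Returncode` value if the test server exposes response headers. The 'does not log in twice' example expects `2002`, which nothing visible in this diff produces, so it presumably depends on code outside the commit.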
@@ -0,0 +1,5 @@
+require "rails_helper"
+
+describe EppUser do
+ it { should belong_to(:registrar) }
+end
diff --git a/spec/models/registrar_spec.rb b/spec/models/registrar_spec.rb
index e9ad976ad..bab87ed37 100644
--- a/spec/models/registrar_spec.rb
+++ b/spec/models/registrar_spec.rb
@@ -4,4 +4,5 @@ describe Registrar do
 it { should belong_to(:country) }
 it { should have_many(:domains) }
 it { should have_many(:ns_sets) }
+ it { should have_many(:epp_users) }
 end