When looked at as a whole BELTS is a large and complex system with hundreds of components. Like most complex things, though, BELTS can be broken down into component parts, which themselves can often be broken down. Once you have a basic understanding of how the system breaks down, working with the individual parts is far less daunting than trying to work with the system as a whole.
Figure 3.1 provides a general breakdown of BELTS. BELTS is first broken down into four layers: security, presentation, service and storage. These layers each contain a number of components. The function of each of these layers and an overview of what each layer contains is provided below.
Before any user-initiated action occurs the security layer is invoked. There are two primary components to this layer: the security manager and the session manager. The security manager is responsible for checking credentials against principals, and also ensures that the security context is propagated to the current thread of execution. The session manager maintains user information between HTTP requests.