The paper first combines the characteristics of a third-party logistics system, analyzes the shortcomings of traditional access control methods, and discusses the advantages of role-based access control(RBAC Role Based Access Control)methods, which is currently popular. The paper then summarizes the characteristics of EJB and Struts, and finally introduces the design and implementation process of right management in the third-party logistics with a role-based and Struts+EJB architecture. The result shows that the system has high security, flexibility, and not only provides a good access control for the third-party logistics system, but it also can be reused by adding to the other system with the right management.