--- a/Lib/IMPL/Web/Security.pm	Wed Apr 07 01:05:02 2010 +0400
+++ b/Lib/IMPL/Web/Security.pm	Wed Apr 07 14:45:34 2010 +0400
@@ -1,34 +1,54 @@
 package IMPL::Web::Security;
-
+use strict;
 use base qw(IMPL::Object IMPL::Security IMPL::Object::Autofill);
 
+require IMPL::Web::Security::Session;
+
 use IMPL::Class::Property;
+use IMPL::Security::Auth qw(:Const);
 
 __PACKAGE__->PassThroughArgs;
 
 BEGIN {
-	public property source => prop_all;
-}
-
-sub CTOR {
-	my ($this) = @_;
-	
-	$this->dataSource or die new IMPL::InvalidArgumentException("The argument is required",'dataSource');
+	public property sourceUser => prop_all;
+	public property sourceSession => prop_all;
 }
 
-sub RetrSession {
-	my ($this,$sid) = @_;
+sub AuthUser {
+	my ($this,$name,$package,$challenge) = @_;
+	
+	my $user = $this->sourceUser->search({name => $name});
+	
+	my $auth;	
+	if ( my $secData = $user->secData($package) ) {
+		$auth = $package->new($secData);
+	} else {
+		die new IMPL::SecurityException("Authentication failed","A sec data for the $package isn't found");
+	}
 	
-	return $this->source->RetrSession(id => $sid);
+	my ($status,$answer) = $auth->DoAuth($challenge);
+	
+	if ($status == AUTH_FAIL) {
+		die new IMPL::SecurityException("Authentication failed","DoAuth failed");
+	}
+	
+	return {
+		status => $status,
+		answer => $answer,
+		context => $this->MakeContext( $user, $user->roles, $auth )
+	}
 }
 
-sub RetrSecData {
-	my ($this,$user,$secPackage) = @_;
+sub MakeContext {
+	my ($this,$principal,$roles,$auth) = @_;
 	
-	$user = ref $user ? $user->name : $user;
-	
-	return
-		$this->source->RetrSecData(user => $user, package => $secPackage);
+	return $this->sourceSession->insert(
+		{
+			principal => $principal,
+			rolesAssigned => $roles,
+			auth => $auth
+		}
+	);
 }
 
 1;