--- a/Lib/IMPL/Security/Auth.pm	Tue Mar 23 16:55:25 2010 +0300
+++ b/Lib/IMPL/Security/Auth.pm	Wed Mar 24 17:41:41 2010 +0300
@@ -20,6 +20,14 @@
     }
 }
 
+sub DoAuth {
+	die new IMPL::NotImplementedException;
+}
+
+sub ValidateSession {
+	die new IMPL::NotImplementedException;
+}
+
 1;
 
 __END__
@@ -32,7 +40,7 @@
 
 В процессе авторизации клиент и сервер обмениеваются данными безопасности C<$challenge>.
 
-При этом
+При этом 
 
 =over
 

--- a/Lib/IMPL/Web/QueryHandler/AuthCookie.pm	Tue Mar 23 16:55:25 2010 +0300
+++ b/Lib/IMPL/Web/QueryHandler/AuthCookie.pm	Wed Mar 24 17:41:41 2010 +0300
@@ -4,11 +4,18 @@
 use Digest::MD5 qw(md5_hex);
 
 use IMPL::Class::Property;
+use IMPL::Security::Auth qw(:Const);
 
 BEGIN {
 	public property salt => prop_all;
 }
 
+sub CTOR {
+	my ($this) = @_;
+	
+	
+}
+
 sub Process {
 	my ($this,$action,$nextHandler) = @_;
 	
@@ -16,18 +23,27 @@
 	
 	if ($method eq 'simple') {
 		
+		my $sid = $action->query->cookie('sid'); 
+		
 		if ($action->query->cookie('sign') eq md5_hex(
 			$this->salt,
-			$action->query->cookie('sid'),
+			$sid,
 			$this->salt
 		) ) {
 			
-			my $context = $action->application->security->Session($action->query->cookie('sid'));
+			my $context = $action->application->security->Session(
+				id => $sid,
+				method => 'simple'				
+			);
+			
+			my ($result,$challenge) = $context->auth->ValidateSession($sid);
 			
-			$context->auth->
-			
+			if ($result == AUTH_SUCCESS) {
+				return $context->Impersonate($nextHandler);				
+			} else {
+				return $nextHandler->();
+			}
 		}
-				
 	} else {
 		die new IMPL::Exception("Unknown auth method",$method);
 	}

--- a/Lib/IMPL/Web/Security/Embed.pm	Tue Mar 23 16:55:25 2010 +0300
+++ b/Lib/IMPL/Web/Security/Embed.pm	Wed Mar 24 17:41:41 2010 +0300
@@ -1,3 +1,5 @@
 package IMPL::Web::Security::Embed;
 
-use base qw(IMPL::Object);
\ No newline at end of file
+use base qw(IMPL::Object);
+
+1;
\ No newline at end of file