diff --git a/AuthenticationProvider.cs b/AuthenticationProvider.cs
new file mode 100644
index 0000000..f9922dc
--- /dev/null
+++ b/AuthenticationProvider.cs
@@ -0,0 +1,38 @@
+// /**
+//  * File: AuthenticationProvider.cs
+//  * Author: haraldwolff
+//  *
+//  * This file and it's content is copyrighted by the Author and / or copyright holder.
+//  * Any use wihtout proper permission is illegal and may lead to legal actions.
+//  *
+//  *
+//  **/
+using System;
+using System.Collections.Generic;
+namespace ln.http
+{
+    public abstract class AuthenticationProvider
+    {
+        public AuthenticationProvider()
+        {
+        }
+
+        public abstract IEnumerable<HttpUser> EnumerateUsers();
+        public abstract HttpUser Authenticate(HttpRequest httpRequest);
+
+        public virtual HttpUser GetHttpUser(String authenticationName)
+        {
+            foreach (HttpUser httpUser in EnumerateUsers())
+            {
+                if (httpUser.AuthenticationName.Equals(authenticationName))
+                {
+                    return httpUser;
+                }
+            }
+            throw new KeyNotFoundException();
+        }
+
+
+
+    }
+}
diff --git a/AuthorizationMask.cs b/AuthorizationMask.cs
new file mode 100644
index 0000000..d77d21f
--- /dev/null
+++ b/AuthorizationMask.cs
@@ -0,0 +1,22 @@
+// /**
+//  * File: AuthorizationMask.cs
+//  * Author: haraldwolff
+//  *
+//  * This file and it's content is copyrighted by the Author and / or copyright holder.
+//  * Any use wihtout proper permission is illegal and may lead to legal actions.
+//  *
+//  *
+//  **/
+using System;
+namespace ln.http
+{
+    public static class AuthorizationMask
+    {
+        public static readonly long A_ACCESS = (1l << 0);
+        public static readonly long A_READ   = (1l << 0);
+        public static readonly long A_WRITE = (1l << 0);
+        public static readonly long A_EXEC = (1l << 0);
+
+        public static readonly long A_SUPER = (-1);
+    }
+}
diff --git a/HTTPServer.cs b/HTTPServer.cs
index 3bba2b7..69b1331 100644
--- a/HTTPServer.cs
+++ b/HTTPServer.cs
@@ -114,6 +114,9 @@ namespace ln.http
                 if (applications.ContainsKey(httpRequest.BaseURI))
                     application = applications[httpRequest.BaseURI];
 
+                application.Authenticate(httpRequest);
+                application.Authorize(httpRequest);
+
                 response = application.GetResponse( httpRequest );
             } catch (Exception e)
             {
diff --git a/HttpApplication.cs b/HttpApplication.cs
index 5d8683b..fb5be37 100644
--- a/HttpApplication.cs
+++ b/HttpApplication.cs
@@ -1,13 +1,20 @@
 using System;
 using ln.http;
+using ln.http.resources.session;
 namespace ln.http
 {
     public abstract class HttpApplication
     {
+        public AuthenticationProvider AuthenticationProvider { get; protected set; }
+
         public HttpApplication()
         {
         }
 
         public abstract HttpResponse GetResponse(HttpRequest httpRequest);
+
+        public virtual void Authenticate(HttpRequest httpRequest) { }
+        public virtual void Authorize(HttpRequest httpRequest) { }
+
     }
 }
diff --git a/HttpRequest.cs b/HttpRequest.cs
index 960b745..316245f 100644
--- a/HttpRequest.cs
+++ b/HttpRequest.cs
@@ -105,6 +105,8 @@ namespace ln.http
             }
         }
 
+        public HttpUser CurrentUser => Session.CurrentUser;
+
 
         public override string ToString()
 		{
diff --git a/HttpUser.cs b/HttpUser.cs
new file mode 100644
index 0000000..79cef7c
--- /dev/null
+++ b/HttpUser.cs
@@ -0,0 +1,30 @@
+// /**
+//  * File: HttpUser.cs
+//  * Author: haraldwolff
+//  *
+//  * This file and it's content is copyrighted by the Author and / or copyright holder.
+//  * Any use wihtout proper permission is illegal and may lead to legal actions.
+//  *
+//  *
+//  **/
+using System;
+
+namespace ln.http
+{
+    public class HttpUser
+    {
+        public String AuthenticationName { get; private set; }
+        public virtual String DisplayName { get; private set; }
+
+        public long AccessRightsMask { get; private set; }
+
+        public HttpUser()
+        {
+            AuthenticationName = "";
+            DisplayName = "Anonymous";
+            AccessRightsMask = 0;
+        }
+
+
+    }
+}
diff --git a/ln.http.csproj b/ln.http.csproj
index 4de2c3a..5cf3101 100644
--- a/ln.http.csproj
+++ b/ln.http.csproj
@@ -45,6 +45,8 @@
     <Compile Include="HttpCookie.cs" />
     <Compile Include="session\Session.cs" />
     <Compile Include="session\SessionCache.cs" />
+    <Compile Include="HttpUser.cs" />
+    <Compile Include="AuthenticationProvider.cs" />
   </ItemGroup>
   <ItemGroup>
     <Folder Include="exceptions\" />
diff --git a/session/Session.cs b/session/Session.cs
index 0accd0b..714ce2f 100644
--- a/session/Session.cs
+++ b/session/Session.cs
@@ -10,11 +10,15 @@ namespace ln.http.resources.session
         public long SessionAge => DateTimeOffset.Now.ToUnixTimeSeconds() - LastTouch;
         public long LastTouch { get; private set; }
 
+        public HttpUser CurrentUser { get; set; }
+
+
         private readonly Dictionary<string, object> elements = new Dictionary<string, object>();
 
         public Session()
         {
             SessionID = Guid.NewGuid();
+            CurrentUser = new HttpUser();
         }
 
         public object this[string name]
@@ -29,5 +33,11 @@ namespace ln.http.resources.session
         {
             LastTouch = DateTimeOffset.Now.ToUnixTimeSeconds();
         }
+
+        public virtual void Authenticate(HttpRequest httpRequest)
+        {
+
+        }
+
     }
 }