diff --git a/foo.php b/foo.php
index 3def053d853fd6dcaa2f9e5c8d7cb62fc3ab047d..7eff620db80995039885311d1f4b46566e111dc3 100644
--- a/foo.php
+++ b/foo.php
@@ -1,30 +1,51 @@
 <?php
 
 require __DIR__ . '/vendor/autoload.php';
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\EventDispatcher\EventDispatcher;
+use BiiG\SecurityTest\Kernel;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Http\FirewallMap;
+use Symfony\Component\HttpFoundation\RequestMatcher,
+    Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage,
+    BiiG\SecurityTest\CustomAuthenticationListener,
+    BiiG\SecurityTest\CustomAuthenticationProvider,
+    Symfony\Component\Security\Http\Firewall,
+    Symfony\Component\HttpKernel\KernelEvents,
+    Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter,
+    Symfony\Component\Security\Core\Role\RoleHierarchy,
+    Symfony\Component\Security\Core\Authorization\AccessDecisionManager
+    ;
+use Symfony\Component\Security\Http\AccessMap;
+use Symfony\Component\Security\Http\Firewall\AccessListener;
+
+
+
+
+$request = Request::createFromGlobals();
+$dispatcher = new EventDispatcher();
+$kernel = new Kernel($dispatcher, function() {
+    return new Response("<h1>Hello</h1>");
+});
 
 
-$request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
-$dispatcher = new \Symfony\Component\EventDispatcher\EventDispatcher();
-
 
 ///////////////////////
-/// FIREWALL
-
-$map = new \Symfony\Component\Security\Http\FirewallMap();
-
-$requestMatcher = new \Symfony\Component\HttpFoundation\RequestMatcher('^/');
+/// FIREWALL CONFIG
 
-$tokenStorage = new \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage();
+$map = new FirewallMap();
 
+$requestMatcher = new RequestMatcher('^/');
+$tokenStorage = new TokenStorage();
 // instances of Symfony\Component\Security\Http\Firewall\ListenerInterface
+$authManager = new CustomAuthenticationProvider();
 $listeners = [
-    new \BiiG\SecurityTest\CustomAuthenticationListener(
+    new CustomAuthenticationListener(
         $tokenStorage,
-        new \BiiG\SecurityTest\CustomAuthenticationProvider(),
+        $authManager,
         'swagg'
     )
 ];
-
 // The exception listener object is too complex for this example
 /*
 $exceptionListener = new \Symfony\Component\Security\Http\Firewall\ExceptionListener($tokenStorage, $trustResolver);
@@ -33,16 +54,46 @@ $exceptionListener = new \Symfony\Component\Security\Http\Firewall\ExceptionList
 $map->add($requestMatcher, $listeners);
 
 
-$firewall = new \Symfony\Component\Security\Http\Firewall($map, $dispatcher);
-
-
+$firewall = new Firewall($map, $dispatcher);
 $dispatcher->addListener(
-    \Symfony\Component\HttpKernel\KernelEvents::REQUEST,
+    KernelEvents::REQUEST,
     array($firewall, 'onKernelRequest')
 );
 
-$kernel = new \BiiG\SecurityTest\Kernel($dispatcher, function() {
-    echo "<h1>Hello</h1>";
-});
+/////////////////////////
+/// Authorization
+
+// instances of Symfony\Component\Security\Core\Authorization\Voter\VoterInterface
+$voters = [
+    new RoleHierarchyVoter(
+        new RoleHierarchy([
+            'ROLE_SUPER_ADMIN' => [
+                'ROLE_ADMIN',
+                'ROLE_USER'
+            ]
+        ])
+    ),
+];
+$strategy = AccessDecisionManager::STRATEGY_AFFIRMATIVE;
+
+$accessDecisionManager = new AccessDecisionManager(
+    $voters,
+    $strategy
+);
+
+$accessMap = new AccessMap();
+$requestMatcher = new RequestMatcher('^/admin');
+$accessMap->add($requestMatcher, array('ROLE_ADMIN'));
+
+$accessListener = new AccessListener(
+    $tokenStorage,
+    $accessDecisionManager,
+    $accessMap,
+    $authManager
+);
+
+
+/////////////////////////
+/// Run kernel
 
-$kernel->handle($request);
+$kernel->handle($request)->send();
diff --git a/src/CustomAuthenticationProvider.php b/src/CustomAuthenticationProvider.php
index 279b5d72c5c56d7b8ef2cc7c14326f109ad30e7f..ffde5d5dea7e3010fcdb697fcb279516db320554 100644
--- a/src/CustomAuthenticationProvider.php
+++ b/src/CustomAuthenticationProvider.php
@@ -66,6 +66,11 @@ class CustomAuthenticationProvider implements AuthenticationProviderInterface
         if (!$encoder->isPasswordValid($user->getPassword(), $token->getCredentials(), $user->getSalt())) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
+
+        $token->setUser($user);
+        $token->setAuthenticated(true);
+
+        return $token;
     }
 
     public function supports(TokenInterface $token)
diff --git a/src/Kernel.php b/src/Kernel.php
index 5db9a94b5a5f3181b805ae6e77e1091efeaa5bd2..f160557eb470ca790384d49751e2e4648464fa47 100644
--- a/src/Kernel.php
+++ b/src/Kernel.php
@@ -13,7 +13,6 @@ namespace BiiG\SecurityTest;
 
 use Symfony\Component\EventDispatcher\EventDispatcher;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
@@ -37,8 +36,10 @@ class Kernel implements HttpKernelInterface
 
         // Some work
         $run = $this->run;
-        $run();
+        $response = $run();
 
         $this->dispatcher->dispatch(KernelEvents::FINISH_REQUEST, new FinishRequestEvent($this, $request, $type));
+
+        return $response;
     }
 }