diff --git a/composer.json b/composer.json index 37345b9..00927cf 100644 --- a/composer.json +++ b/composer.json @@ -20,6 +20,7 @@ "meta-tech/pws-auth" : "~2.1", "meta-tech/silex-controller-service" : "~1.0", "silex/silex": "~2.0", - "gecko-packages/gecko-silex-config-service": "^2.0" + "gecko-packages/gecko-silex-config-service": "^2.0", + "symfony/security": "~3.2" } } diff --git a/config/db.yml.dist b/config/db.yml.dist new file mode 100644 index 0000000..ce49a82 --- /dev/null +++ b/config/db.yml.dist @@ -0,0 +1,7 @@ +default : + driver : pdo_mysql + host : db + dbname : test + user : dev + password : mysql + charset : utf8 diff --git a/src/MetaTech/Db/PdoConnector.php b/src/MetaTech/Db/PdoConnector.php index a3a879b..291406c 100644 --- a/src/MetaTech/Db/PdoConnector.php +++ b/src/MetaTech/Db/PdoConnector.php @@ -1,5 +1,5 @@ profile = $profile; $this->logger = $logger; + $this->switchDb($profile); } /*! diff --git a/src/MetaTech/Silex/Ws/Authentication.php b/src/MetaTech/Silex/Ws/Authentication.php index 83a4c29..39fe2d8 100644 --- a/src/MetaTech/Silex/Ws/Authentication.php +++ b/src/MetaTech/Silex/Ws/Authentication.php @@ -95,14 +95,22 @@ class Authentication if ($this->authenticator->isValid($token)) { $login = $request->get('login'); $password = $request->get('password'); - if ($done = $this->authenticator->check($token, $login)) { - if ($this->checkUser($login, $password, $token->getIdent())) { - $sid = $this->onSuccess($token, $login); - $msg = "authentication sucessful ! logged as $login"; - $data = compact('sid'); + if ($this->authenticator->check($token, $login)) { + try { + if ($done = $this->checkUser($login, $password, $token->getIdent())) { + $sid = $this->onSuccess($token, $login); + $msg = "authentication sucessful ! logged as $login"; + $data = compact('sid'); + } + } + catch(\Exception $e) { + $msg = 'invalid user or password'; } } } + if (!$done) { + sleep(3); + } return new JsonResponse(compact('done', 'msg', 'data'), $done ? 200 : 401); } 
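Review bot: `config/db.yml.dist` ships a usable-looking account (`user : dev`, `password : mysql`) with nothing marking it as a local-development sample, and templates like this tend to be copied to `db.yml` unchanged. A header comment such as `# sample values for local development only - copy to db.yml and set real credentials` would make that explicit. Whether the real `db.yml` is excluded from version control is not visible in this diff and is worth confirming.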
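Review bot: In the first `Authentication.php` hunk, `$done` is assigned from `checkUser()` before `onSuccess()` runs, so an exception thrown by `onSuccess()` reaches the new `catch` with `$done` still true, and the method answers 200 with `msg` set to 'invalid user or password' and no `sid`. Resetting the flag in the handler, `$done = false;`, keeps the status code and the body consistent. The handler also discards `$e`, so a backend failure inside `checkUser()` is indistinguishable from a wrong password; logging the exception server-side while keeping the generic client message would preserve that signal. `sleep(3)` holds a worker for every failed attempt and does not slow parallel guessing, so a per-login or per-address attempt counter is the sturdier control. The enclosing method starts above the hunk, so whether `$done`, `$msg` and `$data` are initialised there is not visible.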
@@ -133,23 +141,25 @@ class Authentication public function check(Request $request) { if (!$this->isAllowedRoute($request->getPathInfo())) { - $this->sessionInvalidate(); $done = false; $msg = "authentication require"; try { $token = $this->authenticator->getToken(); if ($this->authenticator->isValid($token)) { - $sid = $this->authenticator->getSessionId($token); - $this->session->setId($sid); - $this->session->start(); - $user = $this->session->get('user'); - // done : lets controller takes hand - if (!is_null($user) && $user->key == $token->getIdent()) { - return; - } - else { + if (!empty($sid = $this->authenticator->getSessionId($token))) { $this->sessionInvalidate(); + $this->session->setId($sid); + $this->session->start(); + $user = $this->session->get('user'); + $data = compact('user'); + // done : lets controller takes hand + if (!is_null($user) && $user->key == $token->getIdent()) { + return; + } + else { + $this->sessionInvalidate(); + } } } } @@ -157,7 +167,7 @@ class Authentication $done = false; $msg = $e->getMessage(); } - return new JsonResponse(compact('done', 'msg'), 401); + return new JsonResponse(compact('done', 'msg', 'data'), 401); } } }
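Review bot: The new `$data = compact('user');` in `check()` is set before the identity comparison, and the last hunk adds `data` to the 401 body, so a caller whose token ident does not match `$user->key` receives whatever the stored session user object JSON-encodes to in the rejection response. Build the 401 without it, e.g. keep `return new JsonResponse(compact('done', 'msg'), 401);`, or assign `$data` only on a path that is returned to an authenticated caller. Where the token is invalid or `getSessionId()` returns an empty value, `$data` is never assigned in the visible part of the method, so `compact()` is handed an undefined name, which raises a diagnostic from PHP 7.3 on. The comparison `$user->key == $token->getIdent()` is loose; if both sides are strings, `hash_equals($user->key, $token->getIdent())` avoids type juggling and timing differences.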