diff --git a/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java
index 40d2e00..9001412 100644
--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java
@@ -2,45 +2,34 @@ package ${package}.security;
 
 import java.security.Principal;
 
-import javax.enterprise.context.RequestScoped;
-
-import br.gov.frameworkdemoiselle.security.Authenticator;
 import br.gov.frameworkdemoiselle.security.Credentials;
 import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
+import br.gov.frameworkdemoiselle.security.TokenAuthenticator;
 import br.gov.frameworkdemoiselle.util.Beans;
 
-@RequestScoped
-public class AppAuthenticator implements Authenticator {
+public class AppAuthenticator extends TokenAuthenticator {
 
 	private static final long serialVersionUID = 1L;
 
-	private Principal user;
-
 	@Override
-	public void authenticate() throws Exception {
+	protected Principal customAuthentication() throws Exception {
+		Principal user = null;
 		final Credentials credentials = Beans.getReference(Credentials.class);
+		final String username = credentials.getUsername();
 
 		if (credentials.getPassword().equals("secret")) {
-			this.user = new Principal() {
+			user = new Principal() {
 
 				@Override
 				public String getName() {
-					return credentials.getUsername();
+					return username;
 				}
 			};
 
 		} else {
 			throw new InvalidCredentialsException();
 		}
-	}
 
-	@Override
-	public void unauthenticate() throws Exception {
-		this.user = null;
-	}
-
-	@Override
-	public Principal getUser() {
-		return this.user;
+		return user;
 	}
 }
diff --git a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js
index d851127..a0598de 100644
--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js
@@ -19,18 +19,8 @@ $(function() {
 	});
 });
 
-function make_base_auth(user, password) {
-	var tok = user + ':' + password;
-	var hash = btoa(tok);
-	return hash;
-}
-
-function loginOk(data) {
-	var username = $("#username").val().trim();
-	var password = $("#password").val().trim();
-	var encoded = btoa(username + ':' + password);
-
-	App.setToken(encoded);
+function loginOk(data, status, request) {
+	App.setToken(request.getResponseHeader('Set-Token'));
 	location.href = "home.html";
 }
 
diff --git a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js
index 062c89b..4c41ef7 100644
--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js
@@ -20,21 +20,22 @@ var App = {
 	},
 
 	setToken : function(token) {
+		console.log(token);
 		sessionStorage.setItem(this.tokenKey, token);
 	},
 
 	setHeader : function(request) {
-		request.setRequestHeader("Authorization", "Basic " + App.getToken());
+		request.setRequestHeader("Authorization", "Token " + App.getToken());
 	},
 
 	removeToken : function() {
 		sessionStorage.removeItem(this.tokenKey);
+		$.removeCookie("Token");
 	},
-	
+
 	getUrlParameterByName : function(name) {
 		name = name.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]");
-	    var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"),
-	        results = regex.exec(location.search);
-	    return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
+		var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"), results = regex.exec(location.search);
+		return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
 	}
 };
diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java
index 4e02484..541e1fa 100644
--- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java
+++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java
@@ -66,7 +66,7 @@ public class DefaultTokenManager implements TokenManager {
 		return store.get(token);
 	}
 
-	private class TokenStore implements Serializable {
+	public static class TokenStore implements Serializable {
 
 		private static final long serialVersionUID = 1L;
 
--
libgit2 0.21.2