diff --git a/src/main/java/us/camin/JoinListener.java b/src/main/java/us/camin/JoinListener.java
index 1cd41ca..4281126 100644
--- a/src/main/java/us/camin/JoinListener.java
+++ b/src/main/java/us/camin/JoinListener.java
@@ -24,6 +24,8 @@ import org.bukkit.event.Listener;
 import org.bukkit.event.EventHandler;
 import org.bukkit.event.player.PlayerLoginEvent;
 import org.bukkit.event.player.PlayerJoinEvent;
+import org.bukkit.event.player.PlayerQuitEvent;
+import org.bukkit.event.player.PlayerKickEvent;
 import org.bukkit.permissions.PermissionAttachment;
 import java.io.IOException;
 
@@ -38,28 +40,59 @@ public class JoinListener implements Listener {
         m_plugin = p;
     }
 
-    @EventHandler
-    public void onPlayerLogin(PlayerLoginEvent event) {
-        Player p = event.getPlayer();
+    private void closePlayerSession(Player p) throws IOException {
+        m_plugin.api().closeSession(p.getName());
+    }
+
+    private ValidationResponse openPlayerSession(Player p) throws IOException {
         ValidationResponse resp = null;
-        try {
-            resp = m_plugin.api().validatePlayer(p.getName());
-            if (!resp.valid) {
-                event.disallow(PlayerLoginEvent.Result.KICK_WHITELIST, "An active camin.us account is required.");
-                return;
-            }
-        } catch (IOException e) {
-            event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "Camin.us auth server seems down.");
-            return;
+        resp = m_plugin.api().openSession(p.getName(), p.getAddress());
+        if (!resp.valid) {
+            return resp;
         }
+        log.info("Session "+resp.sessionId+" opened for "+p.getName());
         PermissionAttachment att = p.addAttachment(m_plugin);
         for(String perm : resp.permissions) {
             log.info("Granting "+perm);
             att.setPermission(perm, true);
         }
         p.recalculatePermissions();
+        return resp;
     }
 
+    @EventHandler
+    public void onPlayerQuit(PlayerQuitEvent event) {
+        try {
+            closePlayerSession(event.getPlayer());
+        } catch (IOException e) {
+        }
+    }
+
+    @EventHandler
+    public void onPlayerKicked(PlayerKickEvent event) {
+        try {
+            closePlayerSession(event.getPlayer());
+        } catch (IOException e) {
+        }
+    }
+
+    @EventHandler
+    public void onPlayerLogin(PlayerLoginEvent event) {
+        ValidationResponse resp;
+        try {
+            resp = openPlayerSession(event.getPlayer());
+        } catch (IOException e) {
+            event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "Camin.us auth server seems down.");
+            return;
+        }
+        if (!resp.valid) {
+            event.disallow(PlayerLoginEvent.Result.KICK_WHITELIST, resp.errorMessage);
+            return;
+        }
+    }
+
+    static public final String SESSION_METADATA_KEY = "caminus-session-id";
+
     @EventHandler
     public void onPlayerJoin(PlayerJoinEvent event) {
         m_plugin.sendMOTD(event.getPlayer());
diff --git a/src/main/java/us/camin/api/Server.java b/src/main/java/us/camin/api/Server.java
index 6c0b75a..44b94a8 100644
--- a/src/main/java/us/camin/api/Server.java
+++ b/src/main/java/us/camin/api/Server.java
@@ -25,6 +25,7 @@ import java.io.InputStreamReader;
 import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.net.MalformedURLException;
+import java.net.InetSocketAddress;
 import java.net.ProtocolException;
 import java.net.URL;
 import java.net.URLEncoder;
@@ -74,7 +75,6 @@ public class Server {
         conn.setRequestMethod(method);
         if (params.size() > 0) {
             conn.setDoOutput(true);
-            DataOutputStream out = new DataOutputStream(conn.getOutputStream());
             Set<Map.Entry<String, String>> values = params.entrySet();
             Iterator<Map.Entry<String, String>> it = values.iterator();
             StringBuilder sb = new StringBuilder();
@@ -88,6 +88,7 @@ public class Server {
             String postData = sb.substring(0, sb.length()-1);
             conn.setFixedLengthStreamingMode(postData.length());
             conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
+            DataOutputStream out = new DataOutputStream(conn.getOutputStream());
             out.writeBytes(postData);
         }
         return readJSON(conn);
@@ -126,6 +127,14 @@ public class Server {
         return exec(path, "GET");
     }
 
+    public JSONObject post(String path, HashMap<String, String> params) throws MalformedURLException, IOException {
+        try {
+            return exec(path, "POST", params);
+        } catch (ProtocolException e) {
+            return null;
+        }
+    }
+
     public JSONObject put(String path, HashMap<String, String> params) throws MalformedURLException, IOException {
         try {
             return exec(path, "PUT", params);
@@ -215,4 +224,31 @@ public class Server {
         }
         return true;
     }
+
+    public void closeSession(String player) throws IOException {
+        log.info("Closing session for "+player);
+        get("server/session/"+player+"/close");
+    }
+
+    public ValidationResponse openSession(String player, InetSocketAddress sourceAddr) throws IOException {
+        log.info("Opening session for "+player);
+        ValidationResponse resp = new ValidationResponse();
+        HashMap<String, String> params = new HashMap<String, String>();
+        //params.put("ip", sourceAddr.toString());
+        params.put("ip", "");
+        JSONObject jsonObj = post("server/session/"+player+"/new", params);
+        resp.valid = jsonObj.optBoolean("success");
+        resp.errorMessage = jsonObj.optString("error");
+        resp.sessionId = jsonObj.optInt("sessionId");
+        try {
+            JSONArray perms = jsonObj.getJSONArray("permissions");
+            resp.permissions = new String[perms.length()];
+            for (int i = 0;i<perms.length();i++) {
+                resp.permissions[i] = perms.optString(i);
+            }
+        } catch (JSONException e) {
+            throw new IOException("JSON parse error", e);
+        }
+        return resp;
+    }
 }
diff --git a/src/main/java/us/camin/api/ValidationResponse.java b/src/main/java/us/camin/api/ValidationResponse.java
index 4d589f0..12f3c6e 100644
--- a/src/main/java/us/camin/api/ValidationResponse.java
+++ b/src/main/java/us/camin/api/ValidationResponse.java
@@ -21,5 +21,7 @@ package us.camin.api;
 public class ValidationResponse {
     public boolean valid = false;
     public String[] permissions = new String[0];
+    public String errorMessage;
+    public int sessionId;
 }