diff --git a/Readme.md b/Readme.md
new file mode 100644
index 0000000..f342c74
--- /dev/null
+++ b/Readme.md
@@ -0,0 +1,6 @@
+# Example NATS chat application
+
+## Users
+- admin is allowed everything
+- client may pusblish and subscribe to the chat channel
+- guest may only read chat messages
diff --git a/nats-client/src/main.rs b/nats-client/src/main.rs
index 7411699..90823ee 100644
--- a/nats-client/src/main.rs
+++ b/nats-client/src/main.rs
@@ -17,14 +17,25 @@ fn main() {
                 eprintln!("Connection to server is refused. Please check if it is really running.");
                 exit(1);
             }
-            _ => panic!("{}", e),
+            io::ErrorKind::InvalidData => {
+                if e.to_string().contains("Authorization Violation") {
+                    eprintln!("Invalid login credentials.");
+                    exit(1);
+                } else {
+                    panic!("NATS response was invalid: {}", e);
+                }
+            }
+            _ => panic!("{:?}", e),
         }
     }
 }
 
 fn run_chat_program() -> io::Result<()> {
-    let nc = nats_cli::connect_to_nats()?;
     let username = ask_user_name();
+    // TODO: Ask password from user
+    let password = username.clone();
+    let nc = nats_cli::connect_to_nats(&username, &password)?;
+
     println!(
         "Hello {}, please write your message. Use q to quit:",
         username
diff --git a/nats-client/src/nats_cli.rs b/nats-client/src/nats_cli.rs
index 23ee32f..aa3c48e 100644
--- a/nats-client/src/nats_cli.rs
+++ b/nats-client/src/nats_cli.rs
@@ -5,10 +5,12 @@ use nats::{Connection, Handler};
 use crate::chat_message::ChatMessage;
 
 const SERVER: &str = "127.0.0.1";
-const SUBJECT_MESSAGES: &str = "here.happens.messaging";
+const SUBJECT_MESSAGES: &str = "telestion.chat";
 
-pub fn connect_to_nats() -> io::Result<Connection> {
-    nats::connect(SERVER)
+pub fn connect_to_nats(username: &str, password: &str) -> io::Result<Connection> {
+    nats::Options::with_user_pass(username, password)
+        .with_name("Chat Application")
+        .connect(SERVER)
 }
 
 pub fn subscribe_to_chat_messages(username: String, nc: &Connection) -> io::Result<Handler> {
@@ -23,7 +25,7 @@ pub fn subscribe_to_chat_messages(username: String, nc: &Connection) -> io::Resu
                             println!("Received {}", message);
                         }
                     }
-                    Err(e) => eprintln!("{}", e),
+                    Err(e) => eprintln!("Error from NATS: {}", e),
                 };
                 Ok(())
             });
diff --git a/nats-server/config/server.conf b/nats-server/config/server.conf
index e69de29..ec79ff3 100644
--- a/nats-server/config/server.conf
+++ b/nats-server/config/server.conf
@@ -0,0 +1,19 @@
+authorization {
+  default_permissions = {
+    subscribe = "telestion.chat"
+    publish: { deny: ">" }
+  }
+  ADMIN = {
+    publish = ">"
+    subscribe = ">"
+  }
+  CHAT_CLIENT = {
+    publish = "telestion.chat"
+    subscribe = "telestion.chat"
+  }
+  users = [
+    {user: admin,   password: admin, permissions: $ADMIN}
+    {user: client,  password: client, permissions: $CHAT_CLIENT}
+    {user: guest, password: guest}
+  ]
+}
diff --git a/nats-server/run.sh b/nats-server/run.sh
index 1568892..f4eb439 100755
--- a/nats-server/run.sh
+++ b/nats-server/run.sh
@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 
-docker run -p 4222:4222 -t nats:latest
+docker run -p 4222:4222 -v ./config:/config -t nats:latest -c /config/server.conf