diff --git a/src/main/java/de/thm/arsnova/controller/LoginController.java b/src/main/java/de/thm/arsnova/controller/LoginController.java
index 11c8a7d05bfad72789d874701427b5be6eaea641..672729156a1f34aaa8f5653460cf930d777356fb 100644
--- a/src/main/java/de/thm/arsnova/controller/LoginController.java
+++ b/src/main/java/de/thm/arsnova/controller/LoginController.java
@@ -106,7 +106,7 @@ public class LoginController extends AbstractController {
 	@Value("${security.cas.order}") private int casOrder;
 
 	@Value("${security.facebook.enabled}") private boolean facebookEnabled;
-	@Value("${security.facebook.enabled-roles:speaker,student}") private String[] facebookRoles;
+	@Value("${security.facebook.allowed-roles:speaker,student}") private String[] facebookRoles;
 	@Value("${security.facebook.order}") private int facebookOrder;
 
 	@Value("${security.google.enabled}") private boolean googleEnabled;
diff --git a/src/main/java/de/thm/arsnova/services/SessionService.java b/src/main/java/de/thm/arsnova/services/SessionService.java
index c0a807ca897128b9dcc16af7a2b8f050694df757..f6507520741a29c7ebc86083b1fbfad86cf5782a 100644
--- a/src/main/java/de/thm/arsnova/services/SessionService.java
+++ b/src/main/java/de/thm/arsnova/services/SessionService.java
@@ -212,7 +212,7 @@ public class SessionService implements ISessionService, ApplicationEventPublishe
 		}
 		if (connectorClient != null && session.isCourseSession()) {
 			final String courseid = session.getCourseId();
-			if (!connectorClient.getMembership(userService.getCurrentUser().getUsername(), courseid).isMember()) {
+			if (!connectorClient.getMembership(user.getUsername(), courseid).isMember()) {
 				throw new ForbiddenException();
 			}
 		}