diff --git a/src/main/java/de/thm/arsnova/SessionController.java b/src/main/java/de/thm/arsnova/SessionController.java
index 87460a3c0009906d5120dae13f24ef5dc1870873..cb6e9516d7c983677f14a602cdefcb70268570d4 100644
--- a/src/main/java/de/thm/arsnova/SessionController.java
+++ b/src/main/java/de/thm/arsnova/SessionController.java
@@ -20,8 +20,13 @@ package de.thm.arsnova;
 
 import javax.servlet.http.HttpServletResponse;
 
+import net.sf.json.JSONObject;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -30,13 +35,34 @@ import org.springframework.web.bind.annotation.RequestMethod;
 
 import de.thm.arsnova.entities.Session;
 import de.thm.arsnova.services.ISessionService;
+import de.thm.arsnova.services.IUserService;
+import de.thm.arsnova.socket.ARSnovaSocketIOServer;
 
 @Controller
 public class SessionController {
 	
+	public static final Logger logger = LoggerFactory.getLogger(SessionController.class);
+	
 	@Autowired
 	ISessionService sessionService;
 	
+	@Autowired
+	IUserService userService;
+	
+	@Autowired
+	ARSnovaSocketIOServer server;
+	
+	@RequestMapping(method = RequestMethod.POST, value = "/authorize")
+	public void authorize(@RequestBody Object sessionObject, HttpServletResponse response) {
+		String sessionkey = (String) JSONObject.fromObject(sessionObject).get("session");
+		if(sessionkey == null) {
+			return;
+		}		
+		logger.info("authorize session: " + sessionkey + ", user is:  " + userService.getUser(SecurityContextHolder.getContext().getAuthentication()));
+		boolean result = server.authorize(sessionkey, userService.getUser(SecurityContextHolder.getContext().getAuthentication()));
+		response.setStatus(result ? HttpStatus.CREATED.value() : HttpStatus.UNAUTHORIZED.value());
+	}
+	
 	@RequestMapping(value="/session/{sessionkey}", method=RequestMethod.GET)
 	public Session getSession(@PathVariable String sessionkey, HttpServletResponse response) {
 		Session session = sessionService.getSession(sessionkey);
diff --git a/src/main/java/de/thm/arsnova/WebSocketController.java b/src/main/java/de/thm/arsnova/WebSocketController.java
deleted file mode 100644
index 60e8876c7f6bbaf7e1753e6a8ba7cf4a94618624..0000000000000000000000000000000000000000
--- a/src/main/java/de/thm/arsnova/WebSocketController.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package de.thm.arsnova;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-
-import de.thm.arsnova.services.IUserService;
-import de.thm.arsnova.socket.ARSnovaSocketIOServer;
-
-@Controller
-public class WebSocketController {
-	
-	@Autowired
-	ARSnovaSocketIOServer server;
-	
-	@Autowired
-	IUserService userService;
-
-	public static final Logger logger = LoggerFactory.getLogger(WebSocketController.class);
-
-	@RequestMapping(method = RequestMethod.POST, value = "/authorize")
-	public void authorize(@RequestBody String session, HttpServletResponse response) {
-		boolean result = server.authorize(session, userService.getUser(SecurityContextHolder.getContext().getAuthentication()));
-		response.setStatus(result ? HttpStatus.CREATED.value() : HttpStatus.SERVICE_UNAVAILABLE.value());
-	}
-
-}
diff --git a/src/main/java/de/thm/arsnova/entities/User.java b/src/main/java/de/thm/arsnova/entities/User.java
index 4f2863631bd5f3dbc856aab5e0dd9d6a7d3927c3..84d564ccbf201c4ab8b3e337979379c0cd633317 100644
--- a/src/main/java/de/thm/arsnova/entities/User.java
+++ b/src/main/java/de/thm/arsnova/entities/User.java
@@ -42,5 +42,9 @@ public class User {
 	public void setUsername(String username) {
 		this.username = username;
 	}
+	
+	public String toString() {
+		return "User, username: " + this.username;
+	}
 
 }
diff --git a/src/main/java/de/thm/arsnova/services/SessionService.java b/src/main/java/de/thm/arsnova/services/SessionService.java
index f3bcf269ac51206412563c91da45735ed4d696fc..29abd915f7dbf541f5d70879e81c83aae46c5f78 100644
--- a/src/main/java/de/thm/arsnova/services/SessionService.java
+++ b/src/main/java/de/thm/arsnova/services/SessionService.java
@@ -22,7 +22,6 @@ import java.io.IOException;
 import java.net.URLEncoder;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
 import net.sf.json.JSONObject;
@@ -58,7 +57,7 @@ public class SessionService implements ISessionService {
 	
 	private Database database;
 	
-	private Map<String, String> user2session = new ConcurrentHashMap<String, String>();
+	private static final ConcurrentHashMap<String, String> user2session = new ConcurrentHashMap<String, String>();
 	
 	public static final Logger logger = LoggerFactory.getLogger(SessionService.class);
 
@@ -219,12 +218,15 @@ public class SessionService implements ISessionService {
 	@Override
 	public boolean isUserInSession(de.thm.arsnova.entities.User user, String keyword) {
 		if (keyword == null) return false;
-		return (this.user2session.get(user.getUsername()).equals(keyword));
+		String session = user2session.get(user.getUsername());
+		if(session == null) return false;
+		return keyword.equals(session);
 	}
 	
 	@Override
+	@Transactional(isolation=Isolation.READ_COMMITTED)
 	public void addUserToSessionMap(String username, String keyword) {
-		this.user2session.put(username, keyword);	
+		user2session.putIfAbsent(username, keyword);	
 	}
 	
 	private String getSessionId(String keyword) {
diff --git a/src/main/java/de/thm/arsnova/socket/ARSnovaSocketIOServer.java b/src/main/java/de/thm/arsnova/socket/ARSnovaSocketIOServer.java
index e606cd445eec0453455cfbb30e55b2d648c98640..b13de0ce9f0cced50446310bcdb14f392d023088 100644
--- a/src/main/java/de/thm/arsnova/socket/ARSnovaSocketIOServer.java
+++ b/src/main/java/de/thm/arsnova/socket/ARSnovaSocketIOServer.java
@@ -51,14 +51,12 @@ public class ARSnovaSocketIOServer {
 				new DataListener<Feedback>() {
 					@Override
 					public void onData(SocketIOClient client, Feedback data) {
-						logger.info("setFeedback.onData: Client: {}, message: {}", new Object[] {client, data});
 						User u = session2user.get(client.getSessionId().toString());
 						if(u == null || sessionService.isUserInSession(u, data.getSessionkey()) == false) {
 							return;
 						}
 						sessionService.postFeedback(data.getSessionkey(), data.getValue(), u);
 						de.thm.arsnova.entities.Feedback fb = sessionService.getFeedback(data.getSessionkey());
-						logger.info("fb: {}", fb);
 						server.getBroadcastOperations().sendEvent("updateFeedback", fb.getValues());
 					}
 		});
diff --git a/src/main/webapp/WEB-INF/spring/spring-main.xml b/src/main/webapp/WEB-INF/spring/spring-main.xml
index d46fe5909cf684c6c94424c4b061df33f3879fba..d59b0ac6359bf167449a03ba51b00bc37ac2957e 100644
--- a/src/main/webapp/WEB-INF/spring/spring-main.xml
+++ b/src/main/webapp/WEB-INF/spring/spring-main.xml
@@ -26,8 +26,7 @@
 	<context:component-scan base-package="de.thm.arsnova" />
 	<context:annotation-config />
 
-	<bean id="socketServer" class="de.thm.arsnova.socket.ARSnovaSocketIOServer" init-method="startServer" destroy-method="stopServer">
-        <property name="portNumber" value="18018"></property>
-	</bean>
+	<bean id="socketServer" class="de.thm.arsnova.socket.ARSnovaSocketIOServer" init-method="startServer" destroy-method="stopServer" scope="singleton"
+		p:portNumber="18018" />
 
 </beans>