diff --git a/flaschengeist/flaschengeist.example.cfg b/flaschengeist/flaschengeist.example.cfg
index f9db244..4136f39 100644
--- a/flaschengeist/flaschengeist.example.cfg
+++ b/flaschengeist/flaschengeist.example.cfg
@@ -12,15 +12,6 @@ HOST =
 PASSWORD =
 DATABASE =
 
-# [LDAP]
-# URL =
-# PORT =
-# BINDDN =
-# SECRET =
-# USE_SSL =
-## ADMIN_DN:
-## ADMIN_SECRET:
-
 [MAIL]
 URL =
 PORT =
@@ -29,6 +20,15 @@ PASSWD =
 MAIL =
 CRYPT = SSL/STARTLS
 
+#[auth_ldap]
+# URL =
+# PORT =
+# BINDDN =
+# SECRET =
+# USE_SSL =
+## ADMIN_DN:
+## ADMIN_SECRET:
+
 ############################
 # Configuration of plugins #
 ############################
diff --git a/flaschengeist/modules/auth/__init__.py b/flaschengeist/modules/auth/__init__.py
index 1943e58..be0b688 100644
--- a/flaschengeist/modules/auth/__init__.py
+++ b/flaschengeist/modules/auth/__init__.py
@@ -42,8 +42,11 @@ def _create_token():
     """
     logger.debug("Start log in.")
     data = request.get_json()
-    userid = data['userid']
-    password = data['password']
+    try:
+        userid = data['userid']
+        password = data['password']
+    except KeyError:
+        raise BadRequest("Missing parameter(s)")
 
     logger.debug("search user {{ {} }} in database".format(userid))
     user = userController.login_user(userid, password)
diff --git a/flaschengeist/system/models/user.py b/flaschengeist/system/models/user.py
index 989baf1..bc2fc7c 100644
--- a/flaschengeist/system/models/user.py
+++ b/flaschengeist/system/models/user.py
@@ -62,7 +62,7 @@ class User(db.Model):
             self.display_name = data['display_name']
 
     def get_permissions(self):
-        return [permission.name for role in self.roles for permission in role.permissions]
+        return ["user"] + [permission.name for role in self.roles for permission in role.permissions]
 
     def has_permissions(self, permissions):
         for role in self.roles: