diff --git a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
index 19d8a1b858..db5f34e74b 100644
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
@@ -38,6 +38,9 @@ package sonia.scm.api.rest.resources;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import sonia.scm.ScmState;
 import sonia.scm.Type;
 import sonia.scm.repository.RepositoryManager;
@@ -69,6 +72,12 @@ import javax.ws.rs.core.Response;
 public class AuthenticationResource
 {
 
+  /** the logger for AuthenticationResource */
+  private static final Logger logger =
+    LoggerFactory.getLogger(AuthenticationResource.class);
+
+  //~--- methods --------------------------------------------------------------
+
   /**
    * Method description
    *
@@ -133,21 +142,28 @@ public class AuthenticationResource
    * @return
    */
   @GET
-  public ScmState getState(@Context HttpServletRequest request)
+  public Response getState(@Context HttpServletRequest request)
   {
+    Response response = null;
     ScmState state = null;
     User user = securityContext.getUser();
 
     if (user != null)
     {
+      if (logger.isDebugEnabled())
+      {
+        logger.debug("return state for user {}", user.getName());
+      }
+
       state = getState(user);
+      response = Response.ok(state).build();
     }
     else
     {
-      throw new WebApplicationException(Response.Status.UNAUTHORIZED);
+      response = Response.status(Response.Status.UNAUTHORIZED).build();
     }
 
-    return state;
+    return response;
   }
 
   /**
diff --git a/scm-webapp/src/main/webapp/resources/js/sonia.global.js b/scm-webapp/src/main/webapp/resources/js/sonia.global.js
index 57140cd755..ea4f5560fd 100644
--- a/scm-webapp/src/main/webapp/resources/js/sonia.global.js
+++ b/scm-webapp/src/main/webapp/resources/js/sonia.global.js
@@ -29,8 +29,9 @@
  * 
  */
 
+// enable debug mode, if console is available
+var debug = Ext.isDefined(console);
 
-var debug = true;
 var state = null;
 
 // sonia.scm.api.rest.resources.UserResource.DUMMY_PASSWORT