diff --git a/app/controllers/management/sessions_controller.rb b/app/controllers/management/sessions_controller.rb
index bad38663e..d3a85402b 100644
--- a/app/controllers/management/sessions_controller.rb
+++ b/app/controllers/management/sessions_controller.rb
@@ -4,11 +4,10 @@ class Management::SessionsController < ActionController::Base
 
   def create
     destroy_session
-    if manager = ManagerAuthenticator.new(params).auth
-      session[:manager] = manager
+    if admin? || manager?
       redirect_to management_root_path
     else
-      raise ActionController::RoutingError.new('Not Found')
+      raise CanCan::AccessDenied
     end
   end
 
@@ -25,4 +24,16 @@ class Management::SessionsController < ActionController::Base
     session[:document_number] = nil
   end
 
-end
\ No newline at end of file
+  def admin?
+    if current_user.try(:administrator?)
+      session[:manager] = {login: "admin_user_#{current_user.id}"}
+    end
+  end
+
+  def manager?
+    if manager = ManagerAuthenticator.new(params).auth
+      session[:manager] = manager
+    end
+  end
+
+end
diff --git a/spec/controllers/management/sessions_controller_spec.rb b/spec/controllers/management/sessions_controller_spec.rb
index af53f4ae0..a07067ed9 100644
--- a/spec/controllers/management/sessions_controller_spec.rb
+++ b/spec/controllers/management/sessions_controller_spec.rb
@@ -3,9 +3,9 @@ require 'rails_helper'
 describe Management::SessionsController do
   describe 'Sign in' do
 
-    it "should return 404 if wrong credentials" do
+    it "should deny access if wrong manager credentials" do
       allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)
-      expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error "Not Found"
+      expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error CanCan::AccessDenied
     end
 
     it "should redirect to management root path if right credentials" do
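Review bot: The new `raise CanCan::AccessDenied` in the else branch of `create` only turns into a controlled response if a handler rescues it, and this controller inherits from ActionController::Base (visible in the hunk header), so a `rescue_from CanCan::AccessDenied` defined on ApplicationController does not apply here; the spec's `raise_error CanCan::AccessDenied` expectation suggests no handler exists in this controller either, which in production would make a failed manager sign-in a 500 instead of the previous 404. Consider declaring `rescue_from CanCan::AccessDenied, with: ->(e) { head :forbidden }` (or a redirect with a flash) in this controller, and give the raise a message such as `raise CanCan::AccessDenied, "manager sign-in failed"` so logs can tell this case apart from other CanCan denials. The `admin? || manager?` short-circuit also deserves a one-line comment, e.g. `# A signed-in administrator is granted a manager session without consulting ManagerAuthenticator.`, since the ordering is what makes the credential check skippable.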
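Review bot: `admin?` and `manager?` are added after `destroy_session` with no `private` marker visible in the hunk, so unless one exists in the unseen lines between the two hunks they are public controller methods, and both are predicates that mutate `session[:manager]` and return a Hash or nil rather than a boolean — `if manager = ...` is also the assignment-in-condition form RuboCop flags. I would make them private, rename them to reflect the side effect, and return explicit booleans so `create` reads as `if authenticate_admin || authenticate_manager`; note that `session[:manager]` now holds two different shapes (whatever `ManagerAuthenticator#auth` returns versus `{login: "admin_user_<id>"}`), so whatever reads `session[:manager][:login]` elsewhere must accept the synthetic admin login — worth a comment at the assignment. The class body continues outside the hunk.
```ruby
  private

  # Grants a manager session to a signed-in administrator. The synthetic
  # login "admin_user_<id>" lets downstream code distinguish admin-backed
  # manager sessions from ones issued by ManagerAuthenticator.
  def authenticate_admin
    return false unless current_user.try(:administrator?)
    session[:manager] = {login: "admin_user_#{current_user.id}"}
    true
  end

  # Stores the manager returned by ManagerAuthenticator for the submitted
  # params; false when the credentials are rejected.
  def authenticate_manager
    manager = ManagerAuthenticator.new(params).auth
    return false unless manager
    session[:manager] = manager
    true
  end
```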
@@ -15,6 +15,17 @@ describe Management::SessionsController do
       get :create, login: "JJB033" , clave_usuario: "31415926", fecha_conexion: "20151031135905"
       expect(response).to be_redirect
     end
+
+    it "should redirect to management root path if user is admin" do
+      sign_in create(:administrator).user
+      get :create
+      expect(response).to be_redirect
+    end
+
+    it "should deny access if user is not admin" do
+      sign_in create(:user)
+      expect { get :create}.to raise_error CanCan::AccessDenied
+    end
   end
 
   describe 'Sign out' do
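Review bot: The new "should deny access if user is not admin" example calls `get :create` with no manager params and no stub, so it passes only because the real `ManagerAuthenticator#auth` happens to return a falsy value for empty params — unlike the earlier example in this file, which stubs it with `allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)`; add the same stub here so the test pins the controller's branching rather than the authenticator's handling of missing input. The admin example only checks for a redirect; asserting the session contents, e.g. `expect(session[:manager]).to eq(login: "admin_user_#{admin.user.id}")` after binding `admin = create(:administrator)`, would lock in the synthetic-login contract the controller now relies on. The `describe 'Sign in'` block starts outside this hunk.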