From 756c817b5a55b2253564083162ac946dd34deef7 Mon Sep 17 00:00:00 2001
From: Michael Peter Christen <mc@yacy.net>
Date: Sat, 21 Oct 2023 11:45:26 +0200
Subject: [PATCH] fix for https://github.com/yacy/yacy_search_server/issues/544

---
 source/net/yacy/htroot/ConfigBasic.java | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/source/net/yacy/htroot/ConfigBasic.java b/source/net/yacy/htroot/ConfigBasic.java
index 40b0a2b58..a199f182d 100644
--- a/source/net/yacy/htroot/ConfigBasic.java
+++ b/source/net/yacy/htroot/ConfigBasic.java
@@ -77,7 +77,14 @@ public class ConfigBasic {
         }
 
         /* For authenticated users only : acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            // In case that the user is not authenticated, the transaction manager throws an exception.
+            // This is not an error and to be considered normal operation in case that the user is actually
+            // not authenticated. In such a case we simply do not include the transaction token.
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         if ((sb.peers.mySeed().isVirgin()) || (sb.peers.mySeed().isJunior())) {
         	new OnePeerPingBusyThread(sb.yc).start();