diff --git a/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java b/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
index 41a2f68170cd3d0b5f658c07b5bfcc4ceba84801..ea4e65f0a60d72cb5da6cb03b2cec44848dbc3c6 100644
--- a/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
+++ b/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
@@ -408,8 +408,12 @@ public abstract class AbstractCaosDBServerResource extends ServerResource {
     try {
       getRequest().getAttributes().put("THROWN", t);
       throw t;
-    } catch (final AuthenticationException | AuthorizationException e) {
-      return error(ServerMessages.NOT_PERMITTED, Status.CLIENT_ERROR_FORBIDDEN);
+    } catch (final AuthenticationException e) {
+      getResponse().setStatus(Status.CLIENT_ERROR_FORBIDDEN);
+      return null;
+    } catch (final AuthorizationException e) {
+      getResponse().setStatus(Status.CLIENT_ERROR_FORBIDDEN);
+      return null;
     } catch (final Message m) {
       return error(m, Status.CLIENT_ERROR_BAD_REQUEST);
     } catch (final FileUploadException e) {