diff --git a/src/main/java/caosdb/server/CaosAuthenticator.java b/src/main/java/caosdb/server/CaosAuthenticator.java
index f2b616cf1ce5d13732c88d4f89d6959f33aab4f6..efe02c151eb3ce77e973ea5e8d95a779dd912a57 100644
--- a/src/main/java/caosdb/server/CaosAuthenticator.java
+++ b/src/main/java/caosdb/server/CaosAuthenticator.java
@@ -60,16 +60,15 @@ public class CaosAuthenticator extends Authenticator {
       if (sessionToken != null) {
         subject.login(sessionToken);
       }
-
-      // anonymous users
-      if (!subject.isAuthenticated()
-          && CaosDBServer.getServerProperty(ServerProperties.KEY_AUTH_OPTIONAL)
-              .equalsIgnoreCase("TRUE")) {
-        subject.login(AuthenticationUtils.ANONYMOUS_USER);
-      }
     } catch (AuthenticationException e) {
       logger.log(Level.INFO, "LOGIN_FAILED", e);
     }
+    // anonymous users
+    if (!subject.isAuthenticated()
+        && CaosDBServer.getServerProperty(ServerProperties.KEY_AUTH_OPTIONAL)
+        .equalsIgnoreCase("TRUE")) {
+      subject.login(AuthenticationUtils.ANONYMOUS_USER);
+    }
     return subject.isAuthenticated();
   }