diff --git a/CHANGELOG.md b/CHANGELOG.md
index c2f71063e0..171398cdad 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## v2.67.9 - 2024-11-05
+
+[Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.8...v2.67.9)
+
 ## v2.67.8 - 2024-11-04
 
 [Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.7...v2.67.8)
diff --git a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
index 54a911f8dd..2db61a53b1 100644
--- a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
+++ b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
@@ -101,15 +101,19 @@ protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServl
 throws ServletException, IOException {
 LOG.trace("ApiRateLimitFilter starts, rate limit is : " + enableRateLimiting);
 if (enableRateLimiting) {
- String tokenValue = httpServletRequest.getHeader("Authorization").replaceAll("Bearer|bearer", "").trim();
-
+ String tokenValue = null;
+ if (httpServletRequest.getHeader("Authorization") != null) {
+ tokenValue = httpServletRequest.getHeader("Authorization").replaceAll("Bearer|bearer", "").trim();
+ }
 String ipAddress = httpServletRequest.getRemoteAddr();
 String clientId = null;
- try {
- clientId = orcidTokenStore.readClientId(tokenValue);
- } catch (Exception ex) {
- LOG.error("Exception when trying to get the client id from token value, ignoring and treating as anonymous client", ex);
+ if (tokenValue != null) {
+ try {
+ clientId = orcidTokenStore.readClientId(tokenValue);
+ } catch (Exception ex) {
+ LOG.error("Exception when trying to get the client id from token value, ignoring and treating as anonymous client", ex);
+ }
 }
 boolean isAnonymous = (clientId == null);
 LocalDate today = LocalDate.now();
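Review bot: The new null check in `doFilterInternal` covers only a missing `Authorization` header; an empty value, a bare `Bearer`, or a non-Bearer scheme such as `Basic …` still produces a non-null `tokenValue` that is handed to `orcidTokenStore.readClientId`, and if that lookup throws for such values every such request is logged at ERROR with a stack trace, so unauthenticated callers can still generate log noise through this filter. `replaceAll("Bearer|bearer", "")` also removes those substrings anywhere in the value rather than only the leading scheme, and it misses other casings of a scheme name that is case-insensitive. I would read the header once and parse only the prefix, e.g. `String auth = httpServletRequest.getHeader("Authorization");` then `if (auth != null && auth.regionMatches(true, 0, "Bearer ", 0, 7)) { tokenValue = auth.substring(7).trim(); }`, and guard the lookup with `if (tokenValue != null && !tokenValue.isEmpty())`. Whether bare token values without the scheme must remain accepted is not visible here, and the method body continues past the end of the hunk.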