[Trunk | Authorization Library]:

AuthorizationService.java: [Bug fix] Added "authentication.getPrincipal() instanceof User" check before casting authentication.getPrincipal() to User - if user is not logged in, it is String.

src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java

@@ -70,7 +70,7 @@ public class AuthorizationService {
 
     public String getAaiId() {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        if (authentication != null) {
+        if (authentication != null && (authentication.getPrincipal() instanceof User)) {
             User user = (User) authentication.getPrincipal();
             return user.getPassword();
         }