diff --git a/info.textgrid.middleware.tgauth.rbac/rbacSoap/TgExtraCrud.class.php b/info.textgrid.middleware.tgauth.rbac/rbacSoap/TgExtraCrud.class.php
index 319dcc433776ca97dbd77f56d3a59f1b0dcb77b0..7dd675f5479c781963b6abba3ae0b8effeffdea8 100755
--- a/info.textgrid.middleware.tgauth.rbac/rbacSoap/TgExtraCrud.class.php
+++ b/info.textgrid.middleware.tgauth.rbac/rbacSoap/TgExtraCrud.class.php
@@ -410,11 +410,17 @@ class TgExtraCrud {
 
   // -----------------------------------------------------
   // Function: tgCrudCheckAccess
-  // Input: log / xsd:string
-  //        session / xsd:string
+  // Input: auth / xsd:string
+  //        log / xsd:string
   //        operation / xsd:string
   //        resource / xsd:string
-  // Output: sid / xsd:string
+  //        secret / xsd:string
+  // Output: 
+  //        result / xsd:boolean
+  //        public / xsd:boolean
+  //        project / tns:projectinfo
+  //        username / xsd:string
+  //        operation / xsd:string
   // Description
   //   Searches for the given resource. If it's existing the
   //   method starts the checkAccess query and returns the
@@ -499,7 +505,12 @@ class TgExtraCrud {
 
         // Finally add the username and allowed
         // operations for the current session.
-        $result->username = $this->rbac->sessionUser( $inRequest->auth );
+	// have to check for anonymous access (or invalid SID)
+	try {
+	    $result->username = $this->rbac->sessionUser( $inRequest->auth );
+	} catch ( Exception $e ) {
+	    $result->username = "--invalid--";
+	}
 	
 
         try {