ATLAS-2981: Skip trusted proxy authentication if doAsUser is same as remote user.
Change-Id: I8e9bf476fb921806e1fd73b11869e719aa532815
diff --git a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
index 3a2b9d4..b6ed545 100644
--- a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
+++ b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
@@ -447,7 +447,7 @@
// Create the proxy user if doAsUser exists
String doAsUser = supportTrustedProxy ? Servlets.getDoAsUser(httpRequest) : null;
- if (supportTrustedProxy && doAsUser != null) {
+ if (supportTrustedProxy && doAsUser != null && !doAsUser.equals(httpRequest.getRemoteUser())) {
LOG.debug("doAsUser is {}", doAsUser);
UserGroupInformation requestUgi = (token != null) ? UserGroupInformation.createRemoteUser(token.getUserName()) : null;