ATLAS-2981: Skip trusted proxy authentication if doAsUser is same as remote user. Change-Id: I8e9bf476fb921806e1fd73b11869e719aa532815

commit: 18350777ed1137412609ceb420d8e6fa342737fc [log] [tgz]
author: nixonrodrigues <nixon@apache.org> Tue Nov 27 23:35:41 2018 +0530
committer: nixonrodrigues <nixon@apache.org> Tue Nov 27 23:56:34 2018 +0530
tree: 63e602de802eef3b10902e542ee878148af5e0b2
parent: 5da376483b37ffe56bc23f5db54149e1e0534a36 [diff]
diff --git a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
index 3a2b9d4..b6ed545 100644
--- a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
+++ b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java

@@ -447,7 +447,7 @@
                     // Create the proxy user if doAsUser exists
                     String doAsUser = supportTrustedProxy ? Servlets.getDoAsUser(httpRequest) : null;
 
-                    if (supportTrustedProxy && doAsUser != null) {
+                    if (supportTrustedProxy && doAsUser != null && !doAsUser.equals(httpRequest.getRemoteUser())) {
                         LOG.debug("doAsUser is {}", doAsUser);
 
                         UserGroupInformation requestUgi = (token != null) ? UserGroupInformation.createRemoteUser(token.getUserName()) : null;
commit	18350777ed1137412609ceb420d8e6fa342737fc	[log] [tgz]
author	nixonrodrigues <nixon@apache.org>	Tue Nov 27 23:35:41 2018 +0530
committer	nixonrodrigues <nixon@apache.org>	Tue Nov 27 23:56:34 2018 +0530
tree	63e602de802eef3b10902e542ee878148af5e0b2
parent	5da376483b37ffe56bc23f5db54149e1e0534a36 [diff]