ATLAS-2981: Skip trusted proxy authentication if doAsUser is same as remote user.

Change-Id: I8e9bf476fb921806e1fd73b11869e719aa532815

ATLAS-2981: Skip trusted proxy authentication if doAsUser is same as remote user.
18350777 · nixonrodrigues · 5da37648 · 18350777
Commit 18350777 authored Nov 27, 2018 by nixonrodrigues
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

AtlasAuthenticationFilter.java ...g/apache/atlas/web/filters/AtlasAuthenticationFilter.java +1 -1

No files found.
--- a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
+++ b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
@@ -447,7 +447,7 @@ public class AtlasAuthenticationFilter extends AuthenticationFilter {
                    // Create the proxy user if doAsUser exists
                    String doAsUser = supportTrustedProxy ? Servlets.getDoAsUser(httpRequest) : null;
-                    if (supportTrustedProxy && doAsUser != null) {
+                    if (supportTrustedProxy && doAsUser != null && !doAsUser.equals(httpRequest.getRemoteUser())) {
                        LOG.debug("doAsUser is {}", doAsUser);
                        UserGroupInformation requestUgi = (token != null) ? UserGroupInformation.createRemoteUser(token.getUserName()) : null;