From afc07d0d3fd780352c6a4945f6ee981012fb9f74 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhi@apache.org>
Date: Fri, 22 May 2026 17:15:56 -0700
Subject: [PATCH 1/2] Set ranger-admin header authn values to null

---
 .../src/main/resources/conf.dist/ranger-admin-site.xml        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml b/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
index d1fccc27d7f..92534e2a52f 100644
--- a/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
+++ b/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
@@ -278,11 +278,11 @@
 	</property>
 	<property>
 		<name>ranger.admin.authn.header.username</name>
-		<value>x-awc-username</value>
+		<value></value>
 	</property>
 	<property>
 		<name>ranger.admin.authn.header.requestid</name>
-		<value>x-awc-requestid</value>
+		<value></value>
 	</property>
 	<!-- Trusted header auth properties end -->
 	<!-- Kerberos Properties starts-->	

From d42e5991687d4a6c0e93a83edaa96a410f0c9ff1 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhi@apache.org>
Date: Sat, 23 May 2026 22:33:22 -0700
Subject: [PATCH 2/2] Enhance header authentication initialization logic

---
 .../web/filter/RangerHeaderPreAuthFilter.java       | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerHeaderPreAuthFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerHeaderPreAuthFilter.java
index f5850c23a5e..8e87fe30df1 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerHeaderPreAuthFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerHeaderPreAuthFilter.java
@@ -61,8 +61,17 @@ public class RangerHeaderPreAuthFilter extends GenericFilterBean {
 
     @PostConstruct
     protected void initialize() {
-        headerAuthEnabled  = PropertiesUtil.getBooleanProperty(PROP_HEADER_AUTH_ENABLED, false);
-        userNameHeaderName = PropertiesUtil.getProperty(PROP_USERNAME_HEADER_NAME);
+        headerAuthEnabled = PropertiesUtil.getBooleanProperty(PROP_HEADER_AUTH_ENABLED, false);
+    
+        if (headerAuthEnabled) {
+            userNameHeaderName = PropertiesUtil.getProperty(PROP_USERNAME_HEADER_NAME);
+    
+            if (StringUtils.isBlank(userNameHeaderName)) {
+                LOG.warn("Disabling header-based authentication, as configuration {} is not set", PROP_USERNAME_HEADER_NAME);
+    
+                headerAuthEnabled = false;
+            }
+        }
     }
 
     @Override