yuanbo Hadoop Security team has brought to my attention that this feature has potential to weaken security. When user is not authorized in the first proxy user list, the Authorization exception is captured and return null. This allows the second proxy list to be checked if user chain StaticUserWebFilter and another AuthenticationFilterWithProxyUser together per your comment in HADOOP-14060. However, this procedure can trigger replay attack of using ProxyUser credential to fool other services because the end user credential is not authorized to use first proxy user in the first place. Given this reason, I have no choice but revert this commit. Sorry that I missed to spot the problem in the first round of review.
When reverting this change, this may impact managed service, like the cluster system administrator and users are from two companies. You may need to review if your clusters depend on this feature.
Also fix some inappropriate operation of null point condition in YARN app controller.