diff --git a/CHANGES.txt b/CHANGES.txt
index 450d3f2cdf..bb07b9bb61 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -50,6 +50,9 @@ Trunk (unreleased changes)
     HADOOP-6526. Need mapping from long principal names to local OS 
     user names. (boryas)
 
+    HADOOP-6814. Adds an API in UserGroupInformation to get the real
+    authentication method of a passed UGI. (Jitendra Pandey via ddas)
+
   BUG FIXES
     HADOOP-6638. try to relogin in a case of failed RPC connection (expired tgt) 
     only in case the subject is loginUser or proxyUgi.realUser. (boryas)
diff --git a/src/java/org/apache/hadoop/security/UserGroupInformation.java b/src/java/org/apache/hadoop/security/UserGroupInformation.java
index 22e7b990d7..db8ff6a500 100644
--- a/src/java/org/apache/hadoop/security/UserGroupInformation.java
+++ b/src/java/org/apache/hadoop/security/UserGroupInformation.java
@@ -735,6 +735,22 @@ public class UserGroupInformation {
     }
     return null;
   }
+  
+  /**
+   * Returns the authentication method of a ugi. If the authentication method is
+   * PROXY, returns the authentication method of the real user.
+   * 
+   * @param ugi
+   * @return AuthenticationMethod
+   */
+  public static AuthenticationMethod getRealAuthenticationMethod(
+      UserGroupInformation ugi) {
+    AuthenticationMethod authMethod = ugi.getAuthenticationMethod();
+    if (authMethod == AuthenticationMethod.PROXY) {
+      authMethod = ugi.getRealUser().getAuthenticationMethod();
+    }
+    return authMethod;
+  }
 
   /**
    * Compare the subjects to see if they are equal to each other.
diff --git a/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java b/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java
index 7d0e0aea41..29728e8921 100644
--- a/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java
+++ b/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java
@@ -277,6 +277,8 @@ public class TestUserGroupInformation {
     Assert.assertEquals(am, ugi.getAuthenticationMethod());
     Assert.assertEquals(null, proxyUgi.getAuthenticationMethod());
     proxyUgi.setAuthenticationMethod(AuthenticationMethod.PROXY);
+    Assert.assertEquals(am, UserGroupInformation
+        .getRealAuthenticationMethod(proxyUgi));
     proxyUgi.doAs(new PrivilegedExceptionAction<Object>() {
       public Object run() throws IOException {
         Assert.assertEquals(AuthenticationMethod.PROXY, UserGroupInformation