forked from apache/knox
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCHANGES
2013 lines (1970 loc) · 139 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.5.0
------------------------------------------------------------------------------
** New Features
* [KNOX-843] - Load Balancing to Proxied Services for HA (disabled by default) (#380)
* [KNOX-2412] - Add Logout Link to Home Page for Select Authentication Providers and KNOXSESSION service (#372)
* [KNOX-2392] - Simple file-based TokenStateService implementation (#350)
* [KNOX-2386] - Added CM service discovery support for Apache Flink (#344)
* [KNOX-2385] - Flink Dashboard (History Server) Support (#343)
* [KNOX-2354] - An HBASEJARS service which can proxy HBase jars hosted by t… (#325)
** Improvements
* [KNOX-2469] - Fixing Knox keystore path directory creation for symlinks (#383)
* [KNOX-2468] - Improve ConfigurableDispatch set cookies (#385)
* [KNOX-2401] - Extend ClientCert Authentication Provider for CN as PrimaryPrincipal (#384)
* [KNOX-2462] - Make credential store type configurable (#381)
* [KNOX-2467] - Enable Jetty's X-Forwarded Header Support (#382)
* [KNOX-2461] - Move JWT token display utility to module shared by server and client modules (#379)
* [KNOX-2459] - KNOX-METADATA, KNOXSSOUT and KNOX-SESSION services do not need any URL or param to be added in the generated topology (#377)
* [KNOX-2453] - Fix Host header handling in websockets (#374)
* [KNOX-2437] - The request url does not have to be coded (#370)
* [KNOX-2408] - Improved AliasBasedTokenState service and house-keeping (#371)
* [KNOX-2402] - Adding Gateway performance testing (#365)
* [KNOX-2413] - Added JWT support in HadoopAuth provider (#367)
* [KNOX-2436] - Add new service for replacing resourceManager property during Oozie usage (#369)
* [KNOX-2435] - Fix NiFi and NiFi Registry UI links in Knox UI (#368)
* [KNOX-2434] - Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS (#366)
* [KNOX-2397] - knox failed to start with error "java.lang.NoSuchMethodError: org.eclipse.persistence.internal.oxm.mappings.Field.setNestedArray(Z)V" (#357)
* [KNOX-2410] - Handling the new 'RestartWaitingForStalenessSuccess' CM audit event (#364)
* [KNOX-2406] - Use dependency bom for dependency management (#363)
* [KNOX-2399] - Implemented ZookeeperTokenStateService (#361)
* [KNOX-2395] - Make Gateway Services Pluggable (#358)
* [KNOX-2343] - Enhanced API services' display on the Knox Home page (#355)
* [KNOX-2255] - Setting HTTP client connection/socket timeout to 5m for certain services as well as replayBufferSize to 65 bytes for RANGER and useTwoWaySsl to true for NIFI/NIFI-REGISTRY by default (#354)
* [KNOX-2344] - Rename gateway-cm-integration module and related resources (#353)
* [KNOX-2382] - Logging token identifier for easier error debugging (#352)
* [KNOX-2393] - Update the property name to 'sso.unauthenticated.path.list' to be in-line with other property names (#351)
* [KNOX-2393] - Add a configurable list of paths that SSOCookieProvider can ignore (#349)
* [KNOX-2390] - Let end-users configure SAML2 client configuration using Pac4J provider parameters (#348)
* [KNOX-2387] - SameSite fix for hadoop-jwt cookie (#347)
* [KNOX-2389] - AliasBasedTokenStateService stops processing persisted journal entries if one is malformed (#346)
* [KNOX-2377] - Address potential loss of token state (#345)
* [KNOX-2381] - racking UI of flink session is broken in YARNUIV2 (#340)
* [KNOX-2383] - Checking token expiration in cache should not depend on the validate flag (#341)
* [KNOX-2384] - Token Service should return expiration from token when renewal disabled (#342)
* [KNOX-2378] - AliasBasedTokenStateService log message is misleading (#339)
* [KNOX-2376] - Ensure all HBASEJARS IN rules are for /hbase/jars and not /hbase/maven (#338)
* [KNOX-2375] - Token state eviction should access the keystore file less frequently (#337)
* [KNOX-2371] - DefaultTopologyService may skip cluster config change processing of valid descriptors (#336)
* [KNOX-2366] - Pinned topologies are expanded and general proxy information section is collapsed on HomePage by default (#335)
* [KNOX-2369] - Fix IllegalStateException in case of expired or invalid token (#334)
* [KNOX-2368] - CM Cluster Configuration Monitor Does Not Support Rolling Restart Events
* [KNOX-2367] - Fix rewrite rules for HDFS UI fonts and bootstrap.min.css.map (#332)
* [KNOX-2348] - Fix knoxcli when kerberos auth is used (#331)
* [KNOX-2365] - Knox parses shared provider configuration from Hadoop XML type configuration files (#330)
* [KNOX-2356] - Added a 50px high div before the footer to prevent overflow from resource detail panel (#329)
* [KNOX-2360] - Add .asf.yaml to link Jira and Github
* [KNOX-2357] - Descriptor handler should not default discovery type to Ambari unless there is discovery configuration (#326)
* [KNOX-2359] - Knox src zip should not include node_modules folder (#328)
* [KNOX-2351] - Catching any errors while monitoring CM configuration changes (#324)
* [KNOX-2355] - Update Atlas rewrite.xml/service.xml for new Atlas UI changes (#323)
* [KNOX-2352] - Knox Token State Eviction Should Be Based on Expiration and Extended Default Grace Period (#321)
* [KNOX-2353] - Disabled CM descriptor monitoring and advanced service discovery changes monitoring by default (#322)
* [KNOX-2350] - Handling event types w/o COMMAND and/or COMMAND_STATUS attributes when polling CM events (#318)
* [KNOX-2346] - Remove unused maxRetryAttempts and retrySleep (#316)
* [KNOX-2347] - Disable shellcheck for github actions (#317)
* [KNOX-2345] - KnoxShellTable must handle NULL cols
* [KNOX-2342] - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice - add testing
* [KNOX-2342] - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice
** Upgrades
* [KNOX-2431] - Upgrade rest-assured to 4.3.1
* [KNOX-2424] - Upgrade protobuf-java to 3.12.4
* [KNOX-2426] - Upgrade groovy to 3.0.5
* [KNOX-2425] - Upgrade checkstyle to 8.35
* [KNOX-2430] - Upgrade caffeine to 2.8.5
* [KNOX-2429] - Upgrade bcprov-jdk15on to 1.66
* [KNOX-2427] - Upgrade aspectj to 1.9.6
* [KNOX-2423] - Upgrade commons-io to 2.7
* [KNOX-2417] - Upgrade log4j to 2.13.3
* [KNOX-2415] - Upgrade joda-time to 2.01.6
* [KNOX-2418] - Upgrade jetty to 9.4.30.v20200611
* [KNOX-2419] - Upgrade jackson to 2.11.1
* [KNOX-2416] - Upgrade frontend-maven-plugin to 1.10.0
* [KNOX-2414] - Upgrade dom4j to 2.1.3
* [KNOX-2422] - Upgrade commons-text to 1.9
* [KNOX-2421] - Upgrade commons-lang3 to 3.11
* [KNOX-2221] - Upgrade shiro to 1.5.3 (#360)
* [KNOX-2404] - Update AdminUI and Homepage NodeJS dependencies (#359)
* [KNOX-2454] - Upgrade jetty to 9.4.31.v20200723
* [KNOX-2447] - Upgrade testcontainers to 1.14.3
* [KNOX-2452] - Upgrade netty to 4.1.52.Final
* [KNOX-2451] - Upgrade protobuf-java to 3.13.0
* [KNOX-2450] - Upgrade maven-bundle-plugin to 5.1.1
* [KNOX-2449] - Upgrade jna to 5.6.0
* [KNOX-2448] - Upgrade exec-maven-plugin to 3.0.0
* [KNOX-2446] - Upgrade jackson to 2.11.2
* [KNOX-2445] - Upgrade spring to 5.2.8.RELEASE
* [KNOX-2443] - Upgrade spotbugs to 4.1.2
* [KNOX-2428] - Upgrade metrics to 4.1.12.1
* [KNOX-2440] - Upgrade dependency-check-maven to 6.0.0
* [KNOX-2444] - Upgrade commons-net to 3.7
* [KNOX-2441] - Upgrade commons-codec to 1.15
* [KNOX-2442] - Upgrade checkstyle to 8.36
* [KNOX-2439] - Upgrade commons-io to 2.8.0 and forbiddenapis to 3.1
* [KNOX-2472] - Upgrade jetty to 9.4.34.v2020110
* [KNOX-2471] - Upgrade Shiro to 1.7.0
* [KNOX-2405] - Upgrade transitive Netty to 4.1.51.Final (#362)
* [KNOX-2432] - and KNOX-2433 - Upgrade spotbugs to 4.0.6 and spotbugs-maven-plugin to 4.0.4
* [KNOX-2455] - Upgrade Shiro to 1.6.0 (#378)
* [KNOX-2458] - KnoxAuth - Upgrade to JQuery 3.5.1 (#376)
* [KNOX-2337] - Upgrade pac4j to 4.0.3 and opensaml to 3.4.5 (#308)
------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.4.0
------------------------------------------------------------------------------
** New Feature
* [KNOX-2153] - CM discovery - Monitor Cloudera Manager (#239)
* [KNOX-2002] - Add a KnoxShellTable to Represent and Render Output in Tabular Format
* [KNOX-2224] - KnoxLine and KnoxShell DataSource and Select Command Alignment (#255)
* [KNOX-2341] - KnoxShell Custom Commands need Description and Usage Details (#313)
* [KNOX-2310] - Add aggregate method to KnoxShellTable (#302)
* [KNOX-2308] - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300)
* [KNOX-2307] - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301)
* [KNOX-2240] - KnoxShell Custom Command for WEBHDFS Use (#296)
* [KNOX-2299] - Fixed Hive JDBC URL on Knox Home page (#293)
* [KNOX-2296] - Passing down the service URL field when building up a service model (#290)
* [KNOX-2298] - ClouderaManager cluster config monitor should stop monitoring unreferenced clusters (#291)
* [KNOX-2295] - UI services improvement on Knox Home page (#289)
* [KNOX-2269] - The Knox Home page is available as a regular app via the homepage topology (#281)
* [KNOX-2066] - Composite Authz Provider
* [KNOX-2067] - KnoxToken service support for renewal and revocation
* [KNOX-2024] - KnoxShellTable - Case Insensitive Operations with Col Names (#160)
* [KNOX-2018] - KnoxShellTable Filtering needs greaterThan and lessThan, equals Methods (#158)
* [KNOX-2027] - Need a reverse order sort on a table based on a column. (#159)
* [KNOX-2060] - Extend KnoxShellTable statistics methods to work with columns of Strings (#168)
* [KNOX-2057] - Unique ID is set when creating a new instance of KnoxShellTable instead of setting it in the builder/filter (#165)
* [KNOX-2063] - KnoxShellTable javadoc failures (#167)
* [KNOX-2052] - KnoxShellTable mean, median, and mode methods (#163)
* [KNOX-2023] - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON without data (in this case only the call history will be serialized) (#162)
* [KNOX-2022] - KnoxShellTable contains Comparables instead of Strings
* [KNOX-2022] - Splitting up KnoxShellTable and do minor cleanup
* [KNOX-1740] - Add Trusted Proxy Support to Knox (#106)
* [KNOX-2056] - Adding Service Definitions management into Admin UI (#169)
* [KNOX-2053] - New REST API to create/read/update/delete service definitions (#164)
* [KNOX-2226] - Add home page to Knox (#263)
* [KNOX-1742] - add knoxline to knoxshell usage rendering
* [KNOX-1410] - Knox Shell support for remote Alias management (#210)
* [KNOX-2210] - Gateway-level configuration for server-managed Knox token state (#259)
** Improvement
* [KNOX-2339] - Add Github Actions for CI (#311)
* [KNOX-2321]. /LogLevel with knox not working for Hdfs web ui endpoints. (#314)
* [KNOX-2340] - Fix DefaultTokenStateServiceTest timeouts (#312)
* [KNOX-2338] - Upgrade apacheds.directory.server.version to 2.0.0.AM26 (#309)
* [KNOX-2332] - Upgrade spotbugs-maven-plugin to 4.0.0
* [KNOX-2331] - Upgrade spotbugs to 4.0.1
* [KNOX-2330] - Upgrade spring-core to 5.2.5.RELEASE
* [KNOX-2333] - Upgrade rest-assured to 4.3.0
* [KNOX-2322] - Upgrade nimbus-jose-jwt to 8.14.1
* [KNOX-2324] - Upgrade metrics to 4.1.6
* [KNOX-2334] - Upgrade maven-dependency-plugin to 3.1.2
* [KNOX-2335] - Upgrade java-support to 8.0.0
* [KNOX-2336] - Upgrade httpclient to 4.5.12
* [KNOX-2323] - Upgrade groovy to 3.0.3
* [KNOX-2329] - Upgrade dependency-check-maven to 5.3.2
* [KNOX-2327] - Upgrade commons-lang3 to 3.10
* [KNOX-2328] - Upgrade checkstyle to 8.31
* [KNOX-2326] - Upgrade bcprov-jdk15on to 1.65
* [KNOX-2325] - Upgrade asm to 8.0.1
* [KNOX-2304] - CM discovery cluster config monitor needs to be aware of … (#307)
* [KNOX-2320] - Upgrade xmlsec to 2.1.5
* [KNOX-2319] - Upgrade commons-compress to 1.20
* [KNOX-2315] - Fix zookeeper Kerberos Auth (#304)
* [KNOX-2316] - Knox Token State Eviction Must Consider Maximum Token Lifetime (#306)
* [KNOX-2317] - Open UI services from Knox Home page on new tabs (#305)
* [KNOX-2287] - KnoxCLI convert topology to provider and descriptor (#292)
* [KNOX-2305] - Blacklist Maven 3.6.2 and move cloudera repository to child pom (#295)
* [KNOX-2300] - Livy and Solr handled as both API and UI services (#294)
* [KNOX-2289] - Passing GatewayServer.getGatewayServices() to SimpleDescriptorHandler.handle() as it needs it to provision encryption query string password (#288)
* [KNOX-2286] - Cleaner log messages about monitoring topologies/providers/descriptors (#287)
* [KNOX-2285] - Change gateway.server.header.enabled default to false
* [KNOX-2284] - Handling CM descriptors after Knox shared-provider/descriptor/topology monitors are started (#285)
* [KNOX-2266] - Tokens Should Include a Unique Identifier (#284)
* [KNOX-2267] - Ambari/CM discovery - Needs to point to configured truststore
* [KNOX-2282] - Upgrade curator to 4.3.0
* [KNOX-2275] - Upgrade woodstox-core to 6.1.1
* [KNOX-2270] - Upgrade testcontainers to 1.13.0
* [KNOX-2277] - Upgrade spring-vault to 2.2.2.RELEASE
* [KNOX-2279] - Upgrade spring-core to 5.2.4.RELEASE
* [KNOX-2274] - Upgrade log4j2 to 2.13.1
* [KNOX-2276] - Upgrade metrics to 4.1.4
* [KNOX-2271] - Upgrade nimbus-jose-jwt to 8.9
* [KNOX-2278] - Upgrade jetty to 9.4.27.v20200227
* [KNOX-2272] - Upgrade jackson to 2.10.3
* [KNOX-2281] - Upgrade eclipselink to 2.7.6
* [KNOX-2280] - Upgrade cors-filter to 2.9
* [KNOX-2273] - Upgrade checkstyle to 8.30
* [KNOX-2243] - Upgrade groovy to 3.0.1
* [KNOX-2247] - Upgrade zookeeper to 3.5.7
* [KNOX-2244] - Upgrade spotbugs to 4.0.0
* [KNOX-2246] - Upgrade protobuf-java to 3.11.4
* [KNOX-2241] - Upgrade nimbus-jose-jwt to 8.8
* [KNOX-2242] - Upgrade metrics to 4.1.3
* [KNOX-2245] - Upgrade maven-checkstyle-plugin to 3.1.1
* [KNOX-2248] - Upgrade cryptacular to 1.2.4
* [KNOX-2220] - Upgrade nimbus-jose-jwt to 8.5
* [KNOX-2218] - Upgrade easymock to 4.2
* [KNOX-2219] - Upgrade checkstyle to 8.29
* [KNOX-2217] - Upgrade apache pom to 23
* [KNOX-2191] - Upgrade testcontainers to 1.12.5
* [KNOX-2194] - Upgrade spring-vault to 2.2.1.RELEASE
* [KNOX-2199] - Upgrade spring-core to 5.2.3.RELEASE
* [KNOX-2193] - Upgrade rest-assured to 4.2.0
* [KNOX-2195] - Upgrade jetty to 9.4.26.v20200117
* [KNOX-2192] - Upgrade httpclient to 4.5.11
* [KNOX-2198] - Upgrade groovy to 2.5.9
* [KNOX-2197] - Upgrade dependency-check-maven to 5.3.0
* [KNOX-2196] - Upgrade caffeine to 2.8.1
* [KNOX-2178] - Upgrade woodstox-core to 6.0.3
* [KNOX-2181] - Upgrade testcontainers to 1.12.4
* [KNOX-2183] - Upgrade spring-core to 5.2.2.RELEASE
* [KNOX-2175] - Upgrade slf4j to 1.7.30
* [KNOX-2180] - Upgrade protobuf-java to 3.11.1
* [KNOX-2173] - Upgrade nimbus-jose-jwt to 8.4
* [KNOX-2179] - Upgrade metrics to 4.1.2
* [KNOX-2184] - Upgrade maven-enforcer-plugin to 3.0.0-M3
* [KNOX-2177] - Upgrade log4j to 2.13.0
* [KNOX-2170] - Upgrade junit to 1.14
* [KNOX-2174] - Upgrade jetty to 9.4.25.v20191220
* [KNOX-2169] - Upgrade jackson to 2.10.2
* [KNOX-2165] - Upgrade httpcore to 4.4.13
* [KNOX-2172] - Upgrade guava to 28.2-jre
* [KNOX-2167] - Upgrade frontend-maven-plugin to 1.9.1
* [KNOX-2185] - Upgrade dependency-check-maven to 5.2.4
* [KNOX-2168] - Upgrade commons-codec to 1.14
* [KNOX-2176] - Upgrade cloudera-manager-api to 7.0.3
* [KNOX-2171] - Upgrade checkstyle to 8.28
* [KNOX-2182] - Upgrade aspectj to 1.9.5
* [KNOX-2164] - Upgrade asm to 7.3.1
* [KNOX-2166] - Upgrade apache pom to 22
* [KNOX-2143] - Upgrade shiro to 1.4.2 (#209)
* [KNOX-2135] - Fix YARNUIV2 RM Logs sub-links (#204)
* [KNOX-2142] - Upgrade jetty to 9.4.24.v20191120 (#208)
* [KNOX-2140] - RequestUpdateHandler.ForwardedRequest#getRequestURL needs to return a valid URL (#206)
* [KNOX-2074]: Tracking UI of flink session is broken in YARNUI (#174)
* [KNOX-2004] - Adding changes for handling Ping/Pong message from backend server on websocket connection (#200)
* [KNOX-2133] - Ensure that Knox always validates TLS (#203)
* [KNOX-2238] - CM discovery - Add TLS support to Phoenix auto discovery (#267)
* [KNOX-2120] - Upgrade easymock to 4.1
* [KNOX-2119] - Upgrade jackson to 2.10.1
* [KNOX-2118] - Upgrade checkstyle to 8.26
* [KNOX-2117] - Upgrade testcontainers to 1.12.3
* [KNOX-2116] - com.nimbusds:lang-tag needs a fixed version
* [KNOX-2115] - Improve .travis.yml (#187)
* [KNOX-2113] - Upgrade mina-core to 2.0.21 (#185)
* [KNOX-2114] - Add OWASP suppression for cas-client-core
* [KNOX-2098] - OWASP Add Nov 2019 suppressions for false positives (#184)
* [KNOX-2100] - Make sure knoxshell initializes logging by using the 'launcher' framework like other products (gateway, cli, ldap) do (#181)
* [KNOX-2112] - Upgrade dom4j to 2.1.1 (#183)
* [KNOX-2111] - Upgrade java-support to 7.5.1
* [KNOX-2110] - Upgrade xmlsec to 2.1.4
* [KNOX-2109] - Upgrade nimbus-jose-jwt to 8.2.1
* [KNOX-2108] - Upgrade pac4j to 3.8.3
* [KNOX-2107] - Upgrade spring-vault to 2.2.0.RELEASE
* [KNOX-2106] - Upgrade spring-core to 5.2.1.RELEASE
* [KNOX-1842] - Upgrade httpclient to 4.5.10 (#176)
* [KNOX-2075] - Druid coordinator ui is broken (#175)
* [KNOX-2094] - Upgrade httpcore to 4.4.12
* [KNOX-2081] - Upgrade zookeeper to 3.5.6
* [KNOX-2088] - Upgrade spring-vault to 2.1.4.RELEASE
* [KNOX-2077] - Upgrade spring-core to 5.2.0.RELEASE
* [KNOX-2093] - Upgrade slf4j to 1.7.29
* [KNOX-2078] - Upgrade rest-assured to 4.1.2
* [KNOX-2084] - Upgrade nimbus-jose-jwt to 8.2
* [KNOX-2085] - Upgrade metrics to 4.1.1
* [KNOX-2089] - Upgrade joda-time to 2.10.5
* [KNOX-2092] - Upgrade jna to 5.5.0
* [KNOX-2087] - Upgrade jetty to 9.4.22.v20191022
* [KNOX-2090] - Upgrade javax.inject to 2.4.0
* [KNOX-2079] - Upgrade jacoco-maven-plugin to 0.8.5
* [KNOX-2083] - Upgrade hamcrest to 2.2
* [KNOX-2080] - Upgrade forbiddenapis to 2.7
* [KNOX-2091] - Upgrade findsecbugs to 1.10.1
* [KNOX-2086] - Upgrade eclipselink to 2.7.5
* [KNOX-2082] - Upgrade dockerfile-maven-plugin to 1.4.13
* [KNOX-2064] - KnoxSSO knoxsso.token.ttl should not default to -1
* [KNOX-1981] - Upgrade spring-core to 5.1.9.RELEASE
* [KNOX-1977] - Upgrade spotbugs-maven-plugin to 3.1.12.2
* [KNOX-1974] - Upgrade protobuf-java to 3.9.1
* [KNOX-1979] - Upgrade dockerfile-maven-plugin to 1.4.12
* [KNOX-1983] - Upgrade commons-codec to 1.13
* [KNOX-1982] - Upgrade testcontainers to 1.12.0
* [KNOX-1975] - Upgrade slf4j to 1.7.27
* [KNOX-1978] - Upgrade nimbus-jose-jwt to 7.7
* [KNOX-1984] - Upgrade jna to 5.4.0
* [KNOX-1985] - Upgrade javax.annotation-api to 1.3.2
* [KNOX-1972] - Upgrade groovy to 2.5.8
* [KNOX-1976] - Upgrade dependency-check-maven to 5.2.1
* [KNOX-1973] - Upgrade cloudera-manager-api 6.2.0 to 6.3.0
* [KNOX-1980] - Upgrade checkstyle to 8.23
* [KNOX-1971] - Upgrade Hashicorp Vault test to vault:1.2.1
* [KNOX-2065] - Upgrade nimbus-jose-jwt to 8.1
* [KNOX-2061] - ConfigurableHADispatch needs to be wired up
* [KNOX-2059] - Upgrade bcprov-jdk15on to 1.64
* [KNOX-2058] - Upgrade commons-compress to 1.19
* [KNOX-2026] - Accept Impala's authentication cookies (#161)
* [KNOX-2051] - Upgrade asm to 7.2
* [KNOX-2050] - Upgrade jackson to 2.10.0
* [KNOX-2015] - Allow end-users to exclude only certain directives of the SET-COOKIE HTTP header (#154)
* [KNOX-2024] - Fix testNameMethod test
* [KNOX-1996] - Adding changes to remove extra / while generating backedn … (#142)
* [KNOX-2048] - Upgrade pac4j to 3.8.2
* [KNOX-2047] - Upgrade dependency-check-maven to 5.2.2
* [KNOX-2046] - Upgrade hadoop to 3.2.1
* [KNOX-2045] - Upgrade joda-time to 2.10.4
* [KNOX-2044] - Upgrade protobuf-java to 3.10.0
* [KNOX-2043] - Upgrade bcprov-jdk15on to 1.63
* [KNOX-2042] - Upgrade testcontainers to 1.12.1
* [KNOX-2041] - Upgrade rest-assured to 4.1.1
* [KNOX-2040] - Upgrade commons-text to 1.8
* [KNOX-2039] - Upgrade checkstyle to 8.24
* [KNOX-2038] - Upgrade guava to 28.1-jre
* [KNOX-2037] - Upgrade nimbus-jose-jwt to 7.8
* [KNOX-2029] - Upgrade log4j2 to 2.12.1
* [KNOX-2030] - Upgrade frontend-maven-plugin to 1.8.0
* [KNOX-2031] - Upgrade slf4j to 1.7.28
* [KNOX-2032] - Upgrade cglib to 3.3.0
* [KNOX-2033] - Upgrade commons-beanutils to 1.9.4
* [KNOX-2034] - Upgrade jetty to 9.4.20.v20190813
* [KNOX-2035] - Upgrade maven-bundle-plugin to 4.2.1
* [KNOX-2036] - Upgrade cors-filter to 2.8
* [KNOX-2028] - Upgrade jackson to 2.9.10
* [KNOX-1939] - Upgrade jackson-databind to 2.9.9.1
* [KNOX-1950] - YARN v2 UI - Tools - Yarn Daemon Logs - /logs/stacks link broken
* [KNOX-1949] - CM discovery - Improve efficiency of discovery
* [KNOX-1938] - Upgrade nimbus-jose-jwt to 7.5.1
* [KNOX-1945] - Upgrade spring-vault to 2.1.3.RELEASE
* [KNOX-1944] - Upgrade protobuf-java to 3.9.0
* [KNOX-1942] - Upgrade spotbugs-maven-plugin to 3.1.12.1
* [KNOX-1937] - Upgrade testcontainers to 1.11.4
* [KNOX-1936] - Upgrade log4j2 to 2.12.0
* [KNOX-1941] - Upgrade joda-time to 2.10.3
* [KNOX-1943] - Upgrade dependency-check-maven to 5.2.0
* [KNOX-1940] - Upgrade commons-text to 1.7
* [KNOX-1924] - Upgrade org.abstractj.libpam4j 1.9.1 to org.kohsuke.libpam4j 1.11 (#116)
* [KNOX-1923] - Upgrade nodejs to latest LTS v10.16.0 (#117)
* [KNOX-2010] - Upgrade zookeeper to 3.5.5 (#152)
* [KNOX-2203] - Upgrade admin-ui npm dependencies (#245)
* [KNOX-1969] - Upgrade jackson-databind to 2.9.9.3
* [KNOX-1966] - Upgrade jackson-databind to 2.9.9.2
* [KNOX-1885] - Upgrade jetty to 9.4.19.v20190610
* [KNOX-2301] - Trigger discovery for descriptors at gateway start time
* [KNOX-2302] - Skip re-deployment of generated topology if the topology has not changed (#297)
* [KNOX-2265] - Checking CM configs by their related names and read hive.server2.use.SSL from the service configuration (#280)
* [KNOX-2263] - Docker - make sure not to put anything except version in the tag (#279)
* [KNOX-2258] - Add filter for Location header (#277)
* [KNOX-2258] - Add new rewrite rule in Livy service for handling redirect requests to /ui (#276)
* [KNOX-2212] - Token permissiveness (#274)
* [KNOX-2249] - Add Spark 3 History Server definition (#270)
* [KNOX-2250] - maven-antrun-plugin use target instead of tasks (#273)
* [KNOX-2239] - Websocket use the configured truststore in gateway-site config file (#269)
* [KNOX-2230] - Token State Service should throw UnknownTokenException instead of IllegalArgumentException (#268)
* [KNOX-2237] - CM service discovery should default the http path of Hive URLs when the associated property is not set (#266)
* [KNOX-2161] - CM generated descriptors are read-only on Admin UI (#265)
* [KNOX-2233] - DefaultKeystoreService getCredentialForCluster uses cache without synchronization (#264)
* [KNOX-2189] - KnoxShellTable.select() must handle whitespace (#256)
* [KNOX-2214] - Periodic job to evict expired tokens (#257)
* [KNOX-2228] - JWTFilter should handle unknown token exception from token state service (#260)
* [KNOX-2227] - Strip Leading and Trailing Whitespace from Headers in KnoxShellTable (#258)
* [KNOX-2222] - Fix HBase UI Proxying for HBCK Report page (#254)
* [KNOX-2207] - TokenStateService revocation should remove persisted token state (#252)
* [KNOX-2215] - Token service should return a 403 response when the renewer is not white-listed (#251)
* [KNOX-2213] - Service Discovery Support for CM UI, API (#249)
* [KNOX-2209] - Improve logging for Knox token handling (#250)
* [KNOX-2206] - Log exclusion of a discovered service due to configuration issues (#248)
* [KNOX-2208] - AclsAuthorizationFilter should log access at DEBUG level (#247)
* [KNOX-2204] - KnoxLine NPE list datasources when directories don't exist (#246)
* [KNOX-2202] - Knox should use UTF-8 as default encoding instead of ISO-8859-1 (#244)
* [KNOX-2190] - Processing advanced service discovery configuration on topology level (#242)
* [KNOX-2188] - Handling discovery details via advanced configuration (#240)
* [KNOX-1742] - Simple SQL Client in KnoxShell for access to JDBC sources (#241)
* [KNOX-2186] - Advanced service discovery configuration handling (#238)
* [KNOX-2128] - fix javadoc warnings/errors
* [KNOX-2128] - Custom DataSource and SQL Commands for KnoxShell and KnoxShellTable (#231)
* [KNOX-2160] - Introducing Hadoop XML type descriptor format (#236)
* [KNOX-2162] - Log no rewrite rule found at DEBUG level
* [KNOX-1951] - Service Discovery Support for NiFi and NiFi Registry UI (#235)
* [KNOX-718 ] - KnoxSSO login page doesn't display any feedback on error (#234)
* [KNOX-2157] - Verifying the server's state in addition to PID check at gateway start and registering shutdown hook in order to stop the server gracefully. (#230)
* [KNOX-2149] - Added JWT OIDC Verification based on JWKS Urls and extract custom claim
* [KNOX-2101] - knoxshell doesn't handle invalid TLS well (#232)
* [KNOX-2148] - ZEPPELINUI service definition should pass query parameters for API
* [KNOX-2156] - CM discovery - KUDUUI discovery (#228)
* [KNOX-2155] - KnoxSSO should handle multiple cookies with the same name
* [KNOX-2154] - Allow KNOX service during topology generation without URLs and parameters (#226)
* [KNOX-2147] - Mask username/password in case we display call history and keep them safely (by setting proper file permissions) in JSON file (#217)
* [KNOX-2152] - Disable Ambari cluster configuration monitoring by default (#225)
* [KNOX-2151] - HIVE_ON_TEZ HS2 Discovery doesn't work (#224)
* [KNOX-1970] - CM discovery - Add Impala HS2 to auto discovery (#223)
* [KNOX-2134] - Checking if password/alias is available via local alias service before going to fetch it from remote ZK server (#218)
* [KNOX-1932] - CM discovery - WEBHCAT URLs not discovered (#222)
* [KNOX-1921] - CM discovery - Hue Load balancer HTTP/HTTPS scheme (#221)
* [KNOX-2123] - Setting requestURI using the given servletRequest in case the service is unavailable and logging it with the appropriate action outcome (#219)
* [KNOX-1935] - CM discovery - Hue should not have both LB and non LB (#220)
* [KNOX-2136] - Caching credentials in DefaultKeystoreService when an alias is being added or loaded from keystore and using a different cache implementation (#213)
* [KNOX-1962] - CM discovery - Avoid reading krb5 login config multiple t… (#215)
* [KNOX-2132] - JDBCKnoxShellTableBuilder should have optional username and password fields
* [KNOX-2144] - Alias API KnoxShell support should provide response types better than raw JSON (#211)
* [KNOX-2145] - WhitelistUtils should have an HTTPS_ONLY template (#212)
* [KNOX-2131] - Fixed sonarcloud bugs (#201)
* [KNOX-2127] - ZooKeeperAliasService mishandles mixed-case alias keys properly (#202)
* [KNOX-2053] - Ensure secure XML processing
* [KNOX-2122] - Use static base class constants
* [KNOX-2130] - Handle InterruptedException better (#199)
* [KNOX-2122] - Misc code cleanup (#198)
* [KNOX-2129] - Improve deprecated javadoc (#197)
* [KNOX-1997] - Fix diamond operator compiliation error
* [KNOX-1997] - Adding changes to buffer messages from backend in onMessag… (#143)
* [KNOX-2122] - Remove deprecated API usages (#194)
* [KNOX-2103] - Fix javadoc errors
* [KNOX-1718] - Hide org.apache.directory.api.ldap.model.entry.Value errors (#193)
* [KNOX-2122] - Use ThreadLocalRandom
* [KNOX-2103] - Make responseExcludeHeaders parameter in ConfigurableDispatch case insensitive (#192)
* [KNOX-2122] - Code cleanup from static code analysis (#191)
* [KNOX-2121] - Zookeeper - Reduce amount of resources required to run tests (#190)
* [KNOX-2099] - Using the default port of the protocol when no port is declared in the URL when building truststore. (#189)
* [KNOX-2104] - Removing redundant resource cleanup so that data table can keep track of its activePage/rowsOnTable attributes (#179)
* [KNOX-2105] - KnoxShell support for token renewal and revocation (#180)
* [KNOX-1878] - Enforce single version of dependencies (#102)
* [KNOX-2071] - Configurable maximum token lifetime for TokenStateService (#178)
* [KNOX-2025] - KnoxShellTable - Join Builder on Method should accept Col Names (#172)
* [KNOX-2068] - Let end-users add a new service definition from scratch (#173)
* [KNOX-2072] - Kudu web UI service definition (#171)
* [KNOX-2070] - SSOCookieFederationFilter NPE (#170)
* [KNOX-2066] - pom clean up
* [KNOX-2014] - Make sure ATLASSESSIONID cookie is set (#150)
* [KNOX-2013] - CM discovery - Add Phoenix to auto discovery (#148)
* [KNOX-1914] - New admin API to be used by the UI to fetch available service discovery types (#147)
* [KNOX-2017] - Making Cloudera repository available in Knox's parent POM so that Cloudera dependencies are available in every children project (#149)
* [KNOX-2016] - KnoxShellTable SQL Builder, Col Select, Sort
* [KNOX-1998] - WebHDFS rewrite.xml does not have rewrite rule for Location field in json (#138)
* [KNOX-1994] - Update Ranger API service definition to allow separate URL patterns
* [KNOX-2007] - Ensure wait for vault to start on exposed port
* [KNOX-1788] - New XSS Provider is added to Web Application Security Provider List (#141)
* [KNOX-2005] - Improvements to KnoxShellTable
* [KNOX-2001] - KnoxSession should log a warning message when useSubjectCredsOnly is false
* [KNOX-2000] - KnoxSession should not set javax.security.auth.useSubjectCredsOnly
* [KNOX-1999] - Make WEBHDFS rule that rewrites hdfs:// local (#139)
* [KNOX-1992] - Add a service definition for Impala's debug web pages (#137)
* [KNOX-1994] - Update Ranger API service definition to allow separate URL patterns (#136)
* [KNOX-1934] - Setting the default value of knoxsso.cookie.secure.only based on ssl.enabled flag in gateway-site.xml (#134)
* [KNOX-1990] - Testing non-existing/non-parsable JAAS configuration in sequential order even if parallel test execution is enabled (#133)
* [KNOX-1957] - Optional APP_JAVA_OPTS are handled properly (#131)
* [KNOX-1952] - Add NiFi Registry service definition (#128)
* [KNOX-1988] - In Spark History Server UI, make links for Executor logs point to YARN UI v2 (#132)
* [KNOX-1986] - Do not attempt to rewrite empty payload (#129)
* [KNOX-1967] - Add a service definition for Impala Hiveserver2 (#127)
* [KNOX-1694] - Prevent port mapped topologies from being exposed to gateway port (#126)
* [KNOX-1963] - Ranger API service should proxy xusers/users and and xusers/groups
* [KNOX-1959] - HadoopAuthCookieStore should not read krb5 login config each time
* [KNOX-1956] - Improve AdminUI development by using angular proxy conf (#122)
* [KNOX-1948] - If no rules are defined don't rewrite (#121)
* [KNOX-1588] - YARN v2 UI - Make sure that Spark and MR Job history links are handled
* [KNOX-1927] - CM discovery - ZEPPELINUI / ZEPPELINWS urls are not discovered
* [KNOX-1928] - CM discovery - Multiple of same url are added to descriptor
* [KNOX-1593] - YARN v2 UI - Application - View logs for running application
* [KNOX-1925] - KnoxPamRealm code cleanup
* [KNOX-1922] - Processing a DNSName only if the hostname starts with a letter (#115)
* [KNOX-1816] - Added shellcheck validation to our build optionally and fixed issues shellcheck already found (#114)
* [KNOX-1919] - Taking gateway.path into consideration when processing redirectToUrl provider param with the OOTB knoxsso.xml sample (#113)
* [KNOX-1917] - DefaultKeystoreService should use a shared read lock (#110)
* [KNOX-1916] - Provide default configuration for Hue in topology (#109)
* [KNOX-1911] - Support ClouderaManager Service Discovery in Admin UI
** Bug
* [KNOX-2262] - Accessing hbase logs through knox exposes hbase endpoint url instead of routing through knox
* [KNOX-2314] - NPE from topology Service equals implementation when no URLs (#303)
* [KNOX-2008] - Fix Broken RM Home Link in YARN UI.
* [KNOX-2007] - TestHashicorpVaultAliasService fails if a process is already bound to port 8200
* [KNOX-1590] - YARN v2 UI - Application - ApplicationMaster link is broken
* [KNOX-1915] - X509CertificateUtil SAN should contain fully qualified hostname
* [KNOX-1918] - Atlas API - prevent global HDFS rules from triggering (#111)
* [KNOX-1933] - Add rewrite rules to fix Yarn RM application and logs URL (#119)
* [KNOX-1744] - Add rewrite rules to fix executor stdout/stderr links in Spark History Server UI (#120)
* [KNOX-1929] - CM discovery - HIVE URLs not discovered when HIVE_ON_TEZ is deployed
* [KNOX-1930] - CM discovery - JOBTRACKER URLs not discovered
* [KNOX-1964] - YARN v1 UI - ContainerLogs link broken for Running Jobs
* [KNOX-1955] - Admin UI should handle gateway.path change (#123)
* [KNOX-1968] - YARN UI V2 proxied via Knox does not rewrite Spark stderr/stdout links
* [KNOX-1995] - If a rule doesn't match, shouldn't error. Need to handle null case
* [KNOX-2259] - KNOX-2260 KNOX-2261 - Fixed Impala/Kudu/HBase UI context path in service metadata (#282)
* [KNOX-1958] - YARN v2 UI - internal links of History and ApplicationMaster Pages.
* [KNOX-2021] - Fix typo in gateway-docker/README.md (#155)
* [KNOX-2012] - Fix an issue where multiple sessions are created during Ranger login (#146)
* [KNOX-2011] - Don't block SET-COOKIE response header for Ranger UI (#144)
* [KNOX-1987] - knox failed to start because knoxcli failed with "java.lan…g.NoSuchFieldError: DEFAULT_XML_TYPE_ATTRIBUTE" (#130)
* [KNOX-2231] - Fix KnoxSSO OIDC integration (#262)
* [KNOX-2229] - Knox shouldn't exclude Kerby since it is used by Hadoop
* [KNOX-2200] - DefaultKeystoreService can lose entries under concurrent access (#243)
* [KNOX-2002] - Fix KnoxShellTableTest build errors
* [KNOX-1742] - Fix javadoc warning
* [KNOX-2350] - Handling event types w/o COMMAND and/or COMMAND_STATUS attributes when polling CM events (#318) (#319)
* [KNOX-2353] - Disabled CM descriptor monitoring and advanced service discovery changes monitoring by default (#320)
* [KNOX-2347] - Disable shellcheck for github actions (#317)
* [KNOX-2345] - KnoxShellTable must handle NULL cols
------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.3.0
------------------------------------------------------------------------------
** New Feature
* [KNOX-1880] - Support doAs for Cloudera Manager service discovery API interactions
* [KNOX-1862] - Add Service Definition for Hue UI (#97)
* [KNOX-1875] - Cloudera Manager service discovery
* [KNOX-1855] - Add Service Definition for Cloudera Manager API (#88)
* [KNOX-1774] - Introduce environment variables in gateway/knoxcli/ldap/knoxshell scripts for customization (#65)
* [KNOX-1687] - Hashicorp Vault RemoteAliasService provider
* [KNOX-1418] - Add KnoxShell command to build truststore using the gateway server's public certificate (#60)
* [KNOX-1285] - Create Apache Knox Dockerfile and image
** Improvement
* [KNOX-1912] - X509CertificateUtil should set CN and SAN
* [KNOX-1905] - Upgrade maven-pmd-plugin to 3.12.0
* [KNOX-1886] - Upgrade spotbugs-maven-plugin to 3.1.12
* [KNOX-1910] - Upgrade rest-assured to 4.0.0
* [KNOX-1909] - Upgrade javax.annotation-api to 1.3.1
* [KNOX-1908] - Upgrade checkstyle to 8.22
* [KNOX-1890] - Upgrade testcontainers to 1.11.3
* [KNOX-1907] - Upgrade pac4j to 3.7.0
* [KNOX-1884] - Upgrade spring-core to 5.1.8.RELEASE
* [KNOX-1899] - Upgrade shiro to 1.4.1
* [KNOX-1882] - Upgrade protobuf-java to 3.8.0
* [KNOX-1883] - Upgrade nimbus-jose-jwt to 7.3
* [KNOX-1897] - Upgrade metrics to 4.1.0
* [KNOX-1898] - Upgrade maven-compiler-plugin to 3.8.1
* [KNOX-1891] - Upgrade maven-checkstyle-plugin to 3.1.0
* [KNOX-1903] - Upgrade frontend-maven-plugin to 1.7.6
* [KNOX-1895] - Upgrade joda-time to 2.10.2
* [KNOX-1902] - Upgrade maven-bundle-plugin to 4.2.0
* [KNOX-1885] - Upgrade jetty to 9.4.19.v20190610
* [KNOX-1904]- Upgrade jna to 5.3.1
* [KNOX-1887]- Upgrade dependency-check-maven to 5.0.0
* [KNOX-1888] - Upgrade bcprov-jdk15on to 1.62
* [KNOX-1901] - Upgrade jansi to 1.18
* [KNOX-1893] - Upgrade jacoco-maven-plugin to 0.8.4
* [KNOX-1892] - Upgrade jackson to 2.9.9
* [KNOX-1906] - Upgrade guava to 28.0-jre
* [KNOX-1894] - Upgrade groovy to 2.5.7
* [KNOX-1900] - Upgrade commons-lang3 to 3.9
* [KNOX-1889] - Upgrade checkstyle to 8.21
* [KNOX-1896] - Upgrade cglib to 3.2.12
* [KNOX-1881] - DefaultKeystoreService should use Java NIO API locking as well
* [KNOX-1877] - Atlas service definitions should default to trusted proxy
* [KNOX-1876] - Zeppelin should default to trusted proxy for service definition (#100)
* [KNOX-1874] - Ignore irrelevant files in service definition directories (#99)
* [KNOX-1872] - Update Ranger service definitions to support trusted proxy
* [KNOX-1848] - Default to 'zookeeper' as remote alias configuration type in case it is not set in gateway-site.xml (#93)
* [KNOX-1858] - Add service name to X-Forwarded-Context header (#90)
* [KNOX-1859] - Improve alias lookup for HadoopAuthProvider (#89)
* [KNOX-1861] - KnoxSession should support configurable useSubjectCredsOnly system property setting
* [KNOX-1857] - YARNUIV2 fails with Authentication Required with kerberos authentication type (Prabhu Joseph via Kevin Risden)
* [KNOX-1827] - Knox Fails to Rewrite WebFonts for Zeppelin (#76)
* [KNOX-1851] - remove the unnecessary instanceof check (#87)
* [KNOX-1841] - Upgrade zookeeper to 3.4.14
* [KNOX-1846] - Upgrade testcontainers to 1.11.1
* [KNOX-1845] - Upgrade spring-core to 5.1.6.RELEASE
* [KNOX-1840] - Upgrade protobuf-java to 3.7.1
* [KNOX-1847] - Upgrade findsecbugs to 1.9.0
* [KNOX-1843] - Upgrade dependency-check-maven to 5.0.0-M2
* [KNOX-1850] - KnoxSession should honor the current subject for Kerberos login
* [KNOX-1849] - Start the Java process with 'exec' when running the app in foreground (#85)
* [KNOX-1844] - Upgrade checkstyle to 8.19
* [KNOX-1819] - Ensure services are started and stopped in the correct order (#82)
* [KNOX-1837] - Remove jersey-common from top level pom
* [KNOX-1836] - Migrate from commons-lang to commons-lang3
* [KNOX-1837] - Remove ServiceTestResource glassfish Base64 dependency
* [KNOX-1835] - Jupyter Enterprise Gateway - KERNEL_USERNAME should be added when not present (#79)
* [KNOX-1832] - KnoxSession handling of JAAS config for kerberos auth is not deterministic
* [KNOX-1828] - Fix javadoc warning for test
* [KNOX-1804] - Moving copy-pasted bash functions to knox-function.sh (#71)
* [KNOX-1824] - Upgrade guava to 27.1-jre
* [KNOX-1823] - Upgrade protobuf-java to 3.7.0
* [KNOX-1822] - Upgrade dependency-check-maven to 5.0.0-M1
* [KNOX-1814]- Moving conf/data folder checking to Java layer from bash (#68)
* [KNOX-1812] - The Knox Gateway truststore should be configurable (#69)
* [KNOX-1815] - Removed Windows scripts (#67)
* [KNOX-1111] - 2-way SSL Truststore and Keystore Improvements (#74)
* [KNOX-1820] - Cleanup KeystoreService implementations and add unit tests (#72)
* [KNOX-1804] - Fix variable *_FOREGROUND_* defaults
* [KNOX-1826] - Replace zip4j with ShrinkWrap
* [KNOX-1810] - Upgrade frontend-maven-plugin to 1.7.5
* [KNOX-1811] - Upgrade pac4j to 3.6.1
* [KNOX-1809] - Upgrade spotbugs to 3.1.12
* [KNOX-1807] - Upgrade curator to 4.2.0
* [KNOX-1808] - Upgrade asm to 7.1
* [KNOX-1803] - Stop redirecting stderr & stdout to a file when the server runs in the foreground (#64)
* [KNOX-1801] - Master secret is incorrectly assumed when a custom truststore is not specified when clientauth is enabled (#63)
* [KNOX-1802] - Ranger /service/plugins and healthcheck endpoint needs to be exposed through Knox.
* [KNOX-474] - Improve Kerberos config validation and diagnostics at startup (#62)
* [KNOX-1789] - Refactor RemoteAliasService to use service loading (#59)
* [KNOX-1793] - DefaultKeystoreService should not validate the signing key on initialization (#61)
* [KNOX-1799] - Upgrade nimbus-jose-jwt to 7.0.1
* [KNOX-1800] - Upgrade mina-core to 2.0.20
* [KNOX-1798] - Upgrade checkstyle to 8.18
* [KNOX-1791] - MasterService should be a field on GatewayServices - replace "Master Service" with (new) constant, reordered constants in GatewayServices (#58)
* [KNOX-1756] - Knox Gateway TLS Keystore and Alias Should be Configurable (#56)
* [KNOX-1787] - Use same SecureRandom that DefaultAliasService used
* [KNOX-1787] - Create PasswordUtils class in gateway-util-common
* [KNOX-1786] - Use mocking to simplify DefaultRemoteConfigurationMonitorTest
* [KNOX-1162] - Logging stacktrace for FATAL messages and displaying a meaningful error message in case of missing/non-parsable JAAS configuration (#55)
* [KNOX-1784] - Upgrade bootstrap to 3.4.1
* [KNOX-1780] - Upgrade slf4j to 1.7.26
* [KNOX-1781] - Upgrade commons-codec to 1.12
* [KNOX-1782] - Upgrade jetty to 9.4.15.v20190215
* [KNOX-1777] - Move pac4j version/dependencies to top level pom.xml
* [KNOX-1778] - Update Copyright year to 2019
* [KNOX-1709] - Limit parallelism for slower laptops
* [KNOX-1760] - Created Pull Request template (#51)
* [KNOX-1775] - Cleanup test timeout handling
* [KNOX-1773] - Docker start gateway/ldap in the foreground
* [KNOX-1771] - Upgrade spotbugs-maven-plugin to 3.1.11
* [KNOX-1769] - Upgrade nimbus-jose-jwt to 7.0
* [KNOX-1767] - Upgrade log4j2 to 2.11.2
* [KNOX-1770] - Upgrade groovy to 2.5.6
* [KNOX-1768] - Upgrade bcprov-jdk15on to 1.61
* [KNOX-1772] - Upgrade angular-cli to 1.7.4
* [KNOX-1709] - Allow tests to run in parallel
* [KNOX-1758] - New Ant target to ease starting test servers enabling remote debugging
* [KNOX-1757] - Increasing test timeout from 1 second to 3 seconds (Sandor Molnar via Kevin Risden)
* [KNOX-1755] - Revert upgrade httpclient to 4.5.7 due to HTTPCLIENT-1968
* [KNOX-1754] - Upgrade pac4j to 3.5.0
* [KNOX-1753] - Upgrade jacoco-maven-plugin to 0.8.3
* [KNOX-1752] - Upgrade httpclient to 4.5.7
* [KNOX-1751] - Upgrade checkstyle to 8.17
* [KNOX-1792] - AliasService start should only be called once in DefaultGatewayServices
* [KNOX-1750] - Unable to view descriptor service params
* [KNOX-1559] - Create Dispatch implementation that is configurable via service.xml file
* [KNOX-1747] - Upgrade spotbugs to 3.1.11
* [KNOX-1746] - Upgrade httpcore to 4.4.11
* [KNOX-1748] - Upgrade eclipselink to 2.7.4
* [KNOX-1745] - Upgrade hadoop to 3.2.0
* [KNOX-1738] - Upgrade nimbus-jose-jwt to 6.7
* [KNOX-1739] - Upgrade spring-core to 5.1.4.RELEASE
* [KNOX-1737] - Remote configuration monitor start should not be attempted if config is not defined
* [KNOX-1736] - Upgrade rest-assured to 3.3.0
* [KNOX-1735] - Upgrade admin-ui bootstrap to 3.4.0
* [KNOX-1710] - Reuse JAXBContext since they are thread safe
* [KNOX-1731] - Gateway Admin UI should not include external js/css
* [KNOX-1728] - Allow custom parameters to be passed to dispatches
* [KNOX-1727] - Values should not be forced in query parameters when proxying through Knox
* [KNOX-1721]- Upgrade dependency-check-maven to 4.0.2
* [KNOX-1724] - Upgrade rat plugin to 0.13
* [KNOX-1723] - Upgrade dropwizard metrics to 4.0.5
* [KNOX-1722] - Upgrade checkstyle to 8.16
* [KNOX-1716] - Upgrade hamcrest to 2.1
* [KNOX-1717] - Enable PMD incremental analysis
* [KNOX-1715] - Upgrade jna to 5.2.0
* [KNOX-1712] - Upgrade spotbugs-maven-plugin to 3.1.10
* [KNOX-1713] - Upgrade dropwizard metrics to 4.0.4
* [KNOX-1714] - Upgrade groovy to 2.5.5
* [KNOX-1711] - Provide Endpoint Public Cert for KnoxToken
* [KNOX-1679] - Add Alias API service
* [KNOX-1679] - Review fixes
* [KNOX-1708] - Cleanup admin-ui lint errors
* [KNOX-1707] - Gateway Admin UI should have the right version
* [KNOX-1705] - Fix including gateway-admin-ui module
* [KNOX-1679] - Add Alias API service
* [KNOX-1705] - Integrate gateway-admin-ui into Maven build
* [KNOX-1703] - Cleanup old System.out debugging lines
* [KNOX-1702]- Use Boolean.parseBoolean instead of true.equals
* [KNOX-1701] - Use hamcrest assertThat instead of junit
* [KNOX-1700] - Tests should not extend org.junit.Assert
* [KNOX-1696] - Upgrade nimbus-jose-jwt to 6.5.1
* [KNOX-1697] - Upgrade curator to 4.1.0
* [KNOX-1690] - Update pom.xml with new git url
* [KNOX-1691] - Update doap_Knox with gitbox location
* [KNOX-1686] - XmlFilterReader - Ensure XPath and XPathFactory thread safety
* [KNOX-1684] - Avoid NPE for deployments in GatewayServer
* [KNOX-1685] - MockServlet - avoid mutable instance variables
* [KNOX-1683] - Ensure truststorePass is set in KnoxSession
* [KNOX-1682] - Upgrade dependency-check-maven to 4.0.1
* [KNOX-1681] - Upgrade spotbugs to 3.1.10
* [KNOX-1663] - Checkstyle - Enable EqualsAvoidNullCheck and don't instantiate Boolean
* [KNOX-1768] - Upgrade Jackson to 2.9.8
* [KNOX-1677] - Use try-with-resources to ensure that resources are closed
* [KNOX-1527] - Bump apacheds dependency version to 2.0.0-AM25
* [KNOX-1676] - Enable PMD for tests
* [KNOX-1638] - Migrate from apacheds-all to specific apacheds dependencies
* [KNOX-1673] - Upgrade cglib to 3.2.10
* [KNOX-1568] - Upgrade nimbus-jose-jwt to 6.5
* [KNOX-1672] - Cleanup deprecated API usage
* [KNOX-1671] - Cleanup misc logic errors identified by Sonarqube
* [KNOX-1669] - Enable PMD code style rules
* [KNOX-1668] - Enable PMD multithreading ruleset
* [KNOX-1667] - Enable PMD error prone ruleset
* [KNOX-1666] - Enable PMD best practices ruleset
* [KNOX-503] - Tests which include expected unreachable hosts fail with wildcard DNS records (Kristopher Kane, Kevin Risden)
* [KNOX-1615] - Enable PMD for source analysis
* [KNOX-1664] - Miscellaneous code cleanup
* [KNOX-1663] - Enforce more Checkstyle rules
* [KNOX-1618] - Add dropwizard metrics-jvm support
* [KNOX-1623] - Fix jenkins build - 2
* [KNOX-1364] - Cookie scoping path should contain the topology name (Laszlo Nardai via Kevin Risden)
* [KNOX-1662] - Avoid GatewayTestDriver NPE on ldap stop
* [KNOX-1659] - Upgrade spring-core to 5.1.3.RELEASE
* [KNOX-1656] - Upgrade checkstyle to 8.15
* [KNOX-1658] - Upgrade spotbugs-maven-plugin to 3.1.9
* [KNOX-1657] - Upgrade easymock to 4.0.2
* [KNOX-1660] - OWASP Add suppressions for false positives
* [KNOX-1623] - Fix jenkins failure and minor doc changes
* [KNOX-1650] - HA dispatcher for Atlas with knox trusted proxy (Nixon Rodrigues via Kevin Risden)
* [KNOX-1623] - Kerberos support for KnoxShell
** Bug
* [KNOX-1879] - HDFSUI service definition doesn't work with DefaultHaDispatch
* [KNOX-1870] - Zeppelin UI service definition service.xml has wrong version
* [KNOX-1868] - HBase UI changes from KNOX-1866 aren't picked up due to service.xml version (#95)
* [KNOX-1866] - Fix HBase UI proxying (#94)
* [KNOX-1864] - Knox returns HTTP 405 Method Not Allowed error with HTTP PATCH method (#91)
* [KNOX-1856] - Incorrect error message in case there is no 'gateway-identity' certificate in the configured keystore (#92)
* [KNOX-1854] - Admin UI read-only topology message typo
* [KNOX-1851] - Fix NPE in Zookeeper Remote Alias Service (#86)
* [KNOX-1830] - Fix sporadic Illegal character error in TestHashicorpVaultAliasService
* [KNOX-1828] - Fix Websocket Message Size (#75)
* [KNOX-1789] - Fix RemoteAliasService fallback after KNOX-1756
* [KNOX-1191] - Azure AD support for KnoxSSO
* [KNOX-1733] - Spark History UI Version is Not Correct in the XML
* [KNOX-1647] - Identity Assertion should not modify order of query params
* [KNOX-1680] - KnoxTokenCredentialCollector results in IndexOutOfBounds exception
* [KNOX-1615] - Fix mvn site
------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.2.0
------------------------------------------------------------------------------
** New Feature
* [KNOX-1343] - Support Ganglia for Knox (Mert Hocanin via Kevin Risden)
* [KNOX-1421] - Enable OWASP Dependency Check
* [KNOX-1549] - KnoxSSO should support signing keys per topology
** Improvement
* [KNOX-16] - Implement IdentityAsserterHttpServletRequestWrapper.ServletInputStreamWrapper methods for performance
* [KNOX-1011] - Add ldap.port system property to configure LDAP demo server port (Attila Csoma via Kevin Risden)
* [KNOX-1112] - KnoxShell support for managing simple descriptors
* [KNOX-1291] - ssl.include|exclude.ciphers & ssl.exclude.protocols support comma or pipe separated lists
* [KNOX-1359] - Disable kerberos debugging by default
* [KNOX-1401] - Add HAL+JSON To the List of JSON Content Types (William Watson via Sandeep More)
* [KNOX-1411] - WEBHBASE service discovery references incorrect property for the port
* [KNOX-1440] - WEBHDFS: retry should not be attempted for datanode write failures
* [KNOX-1441] - Enable spotbugs for static build checking
* [KNOX-1442] - Enable forbiddenapis for static build checking
* [KNOX-1443] - Add checkstyle to enforce coding style
* [KNOX-1444] - Upgrade to ASF POM version 21
* [KNOX-1448] - Maven pom dependency cleanup
* [KNOX-1460] - Zookeeper tests should call close() instead of stop()
* [KNOX-1461] - Remove JRE/JDK 1.7 check introduced by KNOX-769
* [KNOX-1464] - Remove explicit guava dependency from gateway-server InstrUtils
* [KNOX-1465] - Remove explicit guava dependency from gateway-provider-ha
* [KNOX-1466] - Remove explicit guava dependency from gateway-provider-rewrite-func-inbound-query-param
* [KNOX-1467] - Remove explicit guava dependency from gateway-provider-security-preauth
* [KNOX-1468] - Remove explicit guava dependency from gateway-service-nifi
* [KNOX-1474] - Bump apacheds dependency version to 2.0.0-AM24
* [KNOX-1475] - Bump shrinkwrap dependency versions
* [KNOX-1477] - Bump commons-* dependency versions
* [KNOX-1478] - Support running checkstyle from submodules
* [KNOX-1479] - Replace Mockito usage with EasyMock
* [KNOX-1484] - Bump version dependencies Oct 2018
* [KNOX-1501] - Upgrade hadoop to 3.1.1
* [KNOX-1511] - Enable forbiddenapis commons-io signatures
* [KNOX-1512] - Replace deprecated EasyMock new Capture() calls
* [KNOX-1516] - Upgrade Jetty to 9.4.12
* [KNOX-1518] - Large HDFS file downloads are incomplete when content is gzipped
* [KNOX-1521] - Implement UrlRewriteRequestStream methods for performance
* [KNOX-1522] - Add HA support for HadoopAuthProvider
* [KNOX-1528] - Remove hadoop-common dependency from gateway-spi module
* [KNOX-1530] - Improve Gzip Compression Handling Performance
* [KNOX-1537] - Cleanup gateway-group no value errors
* [KNOX-1538] - Remove TODO Auto-generated
* [KNOX-1540] - Use StandardCharsets where possible
* [KNOX-1544] - KnoxTokenCredentialCollector should not call System.exit()
* [KNOX-1545] - KnoxTokenCredentialCollector should expose the type of the collected token
* [KNOX-1546] - Fix javadoc errors and warnings
* [KNOX-1547] - Add Ability to set the Truststore Location and Password to KnoxShell
* [KNOX-1553] - Update documentation to reference org.apache.knox instead of org.apache.hadoop.gateway
* [KNOX-1554] - Allow Knox site to be built with JDK 11
* [KNOX-1555] - Update DOAP file
* [KNOX-1630] - Generate sha256 and sha512 checksums instead of md5 and sha1
** Bug
* [KNOX-720] - Knox DSL - Ensure that HTTP client is closed on shutdown
* [KNOX-1093] - KNOX Not Handling safemode state of one of the NameNode In HA state
* [KNOX-1098] - Livy proxyUser should be added when not present
* [KNOX-1152] - Guard Against Missing Subject in Identity Assertion (Rick Kellogg via Kevin Risden)
* [KNOX-1165] - Another unnamed CacheManager already exists in the same VM
* [KNOX-1207] - YARN V1 UI and MapReduce Job History UI - Rewrite rule bugs
* [KNOX-1218] - LDAP Group Lookup appears twice in User Guide TOC
* [KNOX-1221] - WebHDFS read/write performance limitations
* [KNOX-1222] - Discovery API requests fail against Docker Sandbox
* [KNOX-1247] - Knox Cloud Federation
* [KNOX-1337] - Cleanup AbstractGatewayDispatch
* [KNOX-1405] - Download page must link to KEYS and contain verification details
* [KNOX-1412] - Failure while executing a `curl` command using Content-Type: text/xml" "Content-Encoding: gzip"
* [KNOX-1415] - Upgrade Jetty to 9.2.25
* [KNOX-1416] - Upgrade Spring Framework to 4.3.17
* [KNOX-1417] - Upgrade Bouncy Castle Dependency from Pac4J
* [KNOX-1420] - Add app.css path for Zeppelin's style sheet (Prabhjyot Singh via Sandeep More)
* [KNOX-1422] - Whitelisting not working as expected for knoxauth redirects
* [KNOX-1424] - knox renaming "app" to "/gateway/ui_ns1/zeppelin/app" (Sameer Shaikh via Sandeep More)
* [KNOX-1429] - HadoopAuthFilter avoid logging sensitive values
* [KNOX-1430] - Potential output stream handle leak when copyLarge files in streamResponse (Guang Yang via lmccay)
* [KNOX-1433] - RMHaBaseDispatcher Class Cleanup - SafeModeException
* [KNOX-1434] - Visiting Knox Admin UI forces subsequent requests to other services redirect to HTTPS (Vipin Rathor via Sandeep More)
* [KNOX-1436] - AbstractHdfsHaDispatch failoverRequest - Improve Failover Logging
* [KNOX-1445] - Ensure that gateway-adapter module classes have @Deprecated annotation
* [KNOX-1459] - Remove testng assertions
* [KNOX-1505] - Knox should close CuratorFramework clients when finished
* [KNOX-1519] - Fix 404s in the documentation
* [KNOX-1520] - markbook refers to wrong parent-pom version
* [KNOX-1523] - XML parsing cleanup
* [KNOX-1526] - Upgrade Jetty to 9.2.26
* [KNOX-1529] - gateway-shell-release doesn't include shaded jar
* [KNOX-1541] - Rename Hadoop class in KnoxShell to KnoxSession
* [KNOX-1556] - [Rewrite Rule] Apache Ambari Favicon and link to NOTICE.txt does not work when using Knox Gateway
* [KNOX-1557] - Knox service cannot be added to proxied Ambari (through Knox) because master password field is readonly
* [KNOX-1558] - KnoxToken service returns wrong content type and content length values
* [KNOX-1577] - Knox automatically derived dispatch whitelist doesn't seem to actually match the knox domain (Phil Zampino and Vipin Rathor via Kevin Risden)
* [KNOX-1596] - YARNUIV2 Remove policies from service.xml (Sunil Govindan via Kevin Risden)
* [KNOX-1602] - JsonFilterReader should handle strings, numbers, booleans, and null at root
* [KNOX-1612] - GatewayAdminTopologyFuncTest#testPutTopology ClassNotFoundException
* [KNOX-1616] - Fix portmapping with Jetty 9.4
* [KNOX-1639] - java.lang.IllegalStateException: No org.apache.tomcat.InstanceManager set in ServletContext
* [KNOX-1645] - Improve JSESSIONID handling
* [KNOX-1651] - Cleanup IdentityAsserterMessages interfaces
** Sub-task
* [KNOX-1449] - Ensure all pom.xml files have same header
* [KNOX-1450] - Remove redundant configurations from pom.xml
* [KNOX-1451] - Setup base checkstyle plugin
* [KNOX-1452] - Enable checkstyle no tabs in source file rule
* [KNOX-1453] - Enable checkstyle no unused imports rule
* [KNOX-1454] - Enable checkstyle no wildcard imports rule
* [KNOX-1455] - Enable checkstyle ASF header check rule
* [KNOX-1456] - Move dependency versions to top level pom properties
* [KNOX-1457] - Add mailing lists to top level pom
* [KNOX-1463] - Use maven-dependency-plugin to ensure all dependencies are declared
* [KNOX-1470] - Remove surefire-version and failsafe-version properties
* [KNOX-1471] - Remove unused genson dependency
* [KNOX-1472] - Remove explicit surefire plugin block in child poms
* [KNOX-1473] - Remove plugin versions that are from parent ASF pom
* [KNOX-1480] - Remove cobertura-maven-plugin
* [KNOX-1481] - Remove javancss-maven-plugin
* [KNOX-1482] - Migrate to maven-site-plugin reportSets
* [KNOX-1485] - Upgrade bcprov-jdk15on to 1.60
* [KNOX-1486] - Upgrade commons-lang3 to 3.8.1
* [KNOX-1487] - Upgrade easymock to 3.6
* [KNOX-1488] - Upgrade curator to 4.0.1
* [KNOX-1489] - Upgrade jericho-html to 3.4
* [KNOX-1490] - Upgrade buildnumber-maven-plugin to 1.4
* [KNOX-1491] - Upgrade jline to 2.14.6
* [KNOX-1492] - Upgrade jna to 4.5.2
* [KNOX-1493] - Upgrade joda-time to 2.10
* [KNOX-1494] - Upgrade groovy to 2.5.2
* [KNOX-1495] - Upgrade httpclient to 4.5.6 and httpcore to 4.4.10
* [KNOX-1496] - Upgrade maven-bundle-plugin to 4.0.0
* [KNOX-1497] - Upgrade jansi to 1.17.1
* [KNOX-1498] - Upgrade maven-enforcer-plugin to 3.0.0-M2
* [KNOX-1499] - Upgrade cors-filter to 2.6
* [KNOX-1500] - Upgrade rest-assured to 3.1.1
* [KNOX-1503] - Upgrade slf4j to 1.7.25
* [KNOX-1504] - Upgrade eclipselink to 2.7.3
* [KNOX-1506] - Upgrade protobuf-java to 3.6.1
* [KNOX-1507] - Upgrade okhttp to 2.7.5
* [KNOX-1508] - Upgrade taglibs-standard-spec and taglibs-standard-impl to 1.2.5
* [KNOX-1509] - Upgrade pac4j dependencies
* [KNOX-1510] - Upgrade nimbus-jose-jwt to 6.0.2
* [KNOX-1513] - Upgrade spring-core to 5.0.9.RELEASE
* [KNOX-1514] - Upgrade jackson to 2.9.7
* [KNOX-1515] - Upgrade shiro to 1.4.0 and ehcache to 2.6.11
* [KNOX-1531] - Remove gzip handler added by KNOX-732
* [KNOX-1532] - Only decompress/recompress when there are rewrite rules
* [KNOX-1533] - Disable httpclient transparent content decompression
* [KNOX-1534] - Avoid try/catch checking for gzip stream
* [KNOX-1535] - Remove custom gzip helper stream - use commons-compress
* [KNOX-1578] - JobHistory UI - Broken "ResourceManager" and "NodeManager" links
* [KNOX-1580] - YARN v1 UI - Scheduler - "Dump scheduler logs" link broken
* [KNOX-1581] - YARN v1 UI - Application - Node and logs links broken
* [KNOX-1587] - YARN v1 UI - Fix Spark history links
** Test
* [KNOX-1548] - Improve ZooKeeperConfigurationMonitorTest to not use Thread.sleep()
** Wish
* [KNOX-1435] - how to configure rewrite.xml and service.xml?
** Task
* [KNOX-542] - Add replayBufferSize defaults to the sandbox topology (Matthew Sharp via Kevin Risden)
* [KNOX-543] - Add documentation and configuration examples to the user guide for replaybuffersize
* [KNOX-1402] - Upgrade to Apache parent pom version 20
* [KNOX-1407] - Please delete old releases from mirroring system
* [KNOX-1408] - Remove the Roadmap confluence wiki page
* [KNOX-1524] - Hive "select *" performance evaluation
* [KNOX-1525] - HBase "scan" performance evaluation
* [KNOX-1536] - Replace redundant types with the diamond operator
* [KNOX-1539] - Put the array declaration after the type
* [KNOX-1542] - Upgrade to EasyMock 4.0.1
* [KNOX-1543] - Update documentation for KNOX-1531
* [KNOX-1622] - Enable the secure processing feature on all XPathFactory instances
* [KNOX-1637] - ant verify-stage should check knoxshell artifacts
------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.1.0
------------------------------------------------------------------------------
** New Feature
* [KNOX-1040] - Initial new descriptor and provider config wizard support
* [KNOX-1040] - Accommodate omission of cluster user in descriptor discovery config
* [KNOX-1040] - Implemented the ability to add config elements to provider configurations and descriptors.
* [KNOX-1040] - Added modification support: delete, discard changes, save changes
* [KNOX-1040] - Separated the provider config selection modal into its own component.
* [KNOX-1040] - Added visual indicator that a provider config has not been removed because it is referenced, and improved editable fields
* [KNOX-1040] - Initial changes to support simple descriptors and provider configurations in the Admin UI.
** Improvement
* [KNOX-1395] - Change Derived Whitelist logic to not use InetAddress of Localhost for getting Hostname
* [KNOX-1394] - OOTB gateway-site.xml to Default to Demo Whitelist Scenario
* [KNOX-1381] - Fix logging
* [KNOX-1378] - Declare SSO params using KnoxSSO service option knoxsso.expected.params
* [KNOX-1379] - Default dispatch whitelist should not include localhost when the Knox host domain can be determined
* [KNOX-1363] - Support service role-based whitelist for dispatches and redirects
* [KNOX-1357] - Add configurable list of AutoDeploy topologies to deploy on server start
* [KNOX-1350] - Complete centralization of manager.xml topology config in gateway-site.xml
* [KNOX-1339] - (KIP-11 Federation) Add support for header preauth dispatch
* [KNOX-1350] - Centralize Group Lookup Config in gateway-site.xml
* [KNOX-1338] - Add Config Property for Knox Admin Groups for AclsAuthz Provider Use
* [KNOX-1326] - merge DATANODE rewrite rules into HDFSUI
* [KNOX-1336] - Upgrade libpam4j to abstractj/1.9.1
* [KNOX-1315] - Spark UI urls issue: Jobs, stdout/stderr and threadDump links (Guang Yang via lmccay)
* [KNOX-1143] - Add MR job history ws rest api rewrite rule to jobhistoryui (Guang Yang via lmccay)
* [KNOX-1089] - Upgrade Jetty
* [KNOX-1329] - Upgrade the transitive springframework spring core to even newer version
* [KNOX-1290] - Create gateway definition for Log Search - version 0.5.0 (Olivér Szabó via lmccay)
* [KNOX-1329] - Upgrade the transitive springframework spring core from pac4j
* [KNOX-1328] - Change Default Authentication to KnoxSSO for Admin UI
* [KNOX-1320] - Upgrade JQuery in the KnoxAuth Application
* [KNOX-1327] - Log REST invocation error exceptions encountered during service discovery at ERROR level
* [KNOX-1322] - Support configuration property to forcibly treat topologies as read-only
* [KNOX-1314] - SSOCookieProvider should be able to derive a default provider URL
* [KNOX-1319] - Better logging when discovery fails to access service configurations
* [KNOX-1318] - Update available Admin UI services to include NiFi
* [KNOX-1317] - Ambari service discovery config handling of nested derived properties
* [KNOX-1193] - NiFi service discovery support
* [KNOX-1154] - Dump Kerberos settings upon startup. (Rick Kellogg via Phil Zampino)
* [KNOX-1310] - The X-Content-Type-Options header should be set as 'nosniff'
* [KNOX-1309] - Admin API resource names should be validated
* [KNOX-1308] - Implement safeguards against XML entity injection/expansion in the Admin API
* [KNOX-1227] - Add KnoxSSO and KnoxToken services to the new descriptor service options
* [KNOX-1266] - Employ gateway-site config for default discovery address and cluster values
* [KNOX-1275] - Add json-smart explicitly to gateway-spi (Saravanan Krishnamoorthy via lmccay)
* [KNOX-1306] - Remove requirement for cluster when discovery address is specified in admin UI new descriptor wizard.
* [KNOX-1193] - LOGSEARCH discovery support
* [KNOX-1305] - Add postfix and infix rewrite functions
* [KNOX-1236] - Support service discovery for YARNUIV2
* [KNOX-1202] - Validate resource names
* [KNOX-1300] - Add default provider configuration for demo LDAP to the distribution
* [KNOX-1193] - Add service discovery support for Spark Thrift UI
* [KNOX-1293] - Support for Ambari discovery of SPARK2 services
* [KNOX-1294] - Upgrade Jackson-Databind to 2.9.5
* [KNOX-1292] - Upgrade Groovy to 2.4.8
* [KNOX-1289] - Deletion of generated topology deletes associated descriptor file
* [KNOX-1135] - Add configuration property for allowing remote configuration to be read by unauthenticated clients
* [KNOX-1281] - HA provider configuration wizard should require the service name property value
* [KNOX-1279] - HaProvider wizard should include ability to specify ZooKeeper-related properties
* [KNOX-1257] - WebAppSec provider configuration wizard
* [KNOX-1276] - Improve HA provider configuration wizard
* [KNOX-1269] - Generate services declared in descriptor without URLs or params, but with valid HaProvider ZK config
* [KNOX-1267] - Add support for Ranger-related service discovery with HTTPS configurations
* [KNOX-1268] - Add support for HDFS-related service discovery with HTTPS configurations
* [KNOX-1258] - Add Anonymous authentication provider to provider config wizard options.
* [KNOX-1259] - Removed height restriction on resource type and resource list tables
* [KNOX-1263] - Admin UI provider config details should organize providers by role rather than name
* [KNOX-1187] - Support for Distributed Alias Service
* [KNOX-1182] - Removed lingering configuration, which is no longer used for RM-based services
* [KNOX-1233] - Excluded lang-tag from the pac4j-oidc dependency
* [KNOX-1243] - Normalize the required DNs that are Configured in KnoxToken Service
* [KNOX-1220] - HostMap provider configuration wizard option in Admin UI
* [KNOX-1212] - Support new YARN webui2 in Knox (Sunil Govindan via Phil Zampino)
* [KNOX-1153] - Support for determining whether HA is enabled or not from the service's configuration
* [KNOX-1215] - Hadoop Group Lookup Provider Config Wizard
* [KNOX-1229] - Ambari service discovery REST invocations need reasonable timeout
* [KNOX-1228] - Atlas HA ZooKeeper Config Discovery
* [KNOX-1224] - Knox Proxy HADispatcher to support Atlas in HA (Nixon Rodrigues via Phil Zampino)
* [KNOX-1219] - Eliminated duplicate useTwoWaySsl dispatch filter params
* [KNOX-1216] - Admin UI and runtime validation for new descriptor provider configuration reference
* [KNOX-1211] - Admin UI XSS/XSRF Protection
* [KNOX-1202] - Added UI elements to indicate invalid param values
* [KNOX-1202] - Descriptor and Provider Configuration Wizard Input Validation
* [KNOX-1190] - Compress cookies set by Pac4J, in some cases the cookie size exceeds 4K and cause them not to set.
* [KNOX-1200] - Update Apache parent pom version
* [KNOX-1193] - Discovery support for SOLR, STORM and STORM-LOGVIEWER, and config for additional support
* [KNOX-1198] - Support Ambari service discovery mappings override/augmentation with external config
* [KNOX-1193] - Added discovery support for LIVYSERVER, SPARKHISTORYUI, JOBHISTORYUI, YARNUI, FALCON, OOZIEUI, HBASEUI, HDFSUI, DRUID-COORDINATOR-UI and DRUID-OVERLORD-UI
* [KNOX-1194] - Safe loading and dumping of yaml, and filter empty-value properties from JSON output.
* [KNOX-1176] - Update provider configuration references if new reference is invalid
* [KNOX-1186] - Descriptors and Topology Generation Support for Service Versioning
* [KNOX-1167] - Support HDFS Federation in Knox topology generation
* [KNOX-1188] - Maintain provider parameter order in generated topologies
* [KNOX-1181] - Add support for RANGER and RANGERUI service endpoint discovery via Ambari
* [KNOX-1159] - Create ".sha1" files when releasing instead of ".sha"