You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2020/04/19 20:13:32 UTC

svn commit: r39029 [2/3] - /dev/knox/knox-1.4.0/

Added: dev/knox/knox-1.4.0/CHANGES
==============================================================================
--- dev/knox/knox-1.4.0/CHANGES (added)
+++ dev/knox/knox-1.4.0/CHANGES Sun Apr 19 20:13:31 2020
@@ -0,0 +1,1898 @@
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.4.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-2153] - CM discovery - Monitor Cloudera Manager (#239)
+    * [KNOX-2002] - Add a KnoxShellTable to Represent and Render Output in Tabular Format
+    * [KNOX-2224] - KnoxLine and KnoxShell DataSource and Select Command Alignment (#255)
+    * [KNOX-2341] - KnoxShell Custom Commands need Description and Usage Details (#313)
+    * [KNOX-2310] - Add aggregate method to KnoxShellTable (#302)
+    * [KNOX-2308] - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300)
+    * [KNOX-2307] - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301)
+    * [KNOX-2240] - KnoxShell Custom Command for WEBHDFS Use (#296)
+    * [KNOX-2299] - Fixed Hive JDBC URL on Knox Home page (#293)
+    * [KNOX-2296] - Passing down the service URL field when building up a service model (#290)
+    * [KNOX-2298] - ClouderaManager cluster config monitor should stop monitoring unreferenced clusters (#291)
+    * [KNOX-2295] - UI services improvement on Knox Home page (#289)
+    * [KNOX-2269] - The Knox Home page is available as a regular app via the homepage topology (#281)
+    * [KNOX-2066] - Composite Authz Provider
+    * [KNOX-2067] - KnoxToken service support for renewal and revocation
+    * [KNOX-2024] - KnoxShellTable - Case Insensitive Operations with Col Names (#160)
+    * [KNOX-2018] - KnoxShellTable Filtering needs greaterThan and lessThan, equals Methods (#158)
+    * [KNOX-2027] - Need a reverse order sort on a table based on a column. (#159)
+    * [KNOX-2060] - Extend KnoxShellTable statistics methods to work with columns of Strings (#168)
+    * [KNOX-2057] - Unique ID is set when creating a new instance of KnoxShellTable instead of setting it in the builder/filter (#165)
+    * [KNOX-2063] - KnoxShellTable javadoc failures (#167)
+    * [KNOX-2052] - KnoxShellTable mean, median, and mode methods (#163)
+    * [KNOX-2023] - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON without data (in this case only the call history will be serialized) (#162)
+    * [KNOX-2022] - KnoxShellTable contains Comparables instead of Strings
+    * [KNOX-2022] - Splitting up KnoxShellTable and do minor cleanup
+    * [KNOX-1740] - Add Trusted Proxy Support to Knox (#106)
+    * [KNOX-2056] - Adding Service Definitions management into Admin UI (#169)
+    * [KNOX-2053] - New REST API to create/read/update/delete service definitions (#164)
+    * [KNOX-2226] - Add home page to Knox (#263)
+    * [KNOX-1742] - add knoxline to knoxshell usage rendering
+    * [KNOX-1410] - Knox Shell support for remote Alias management (#210)
+    * [KNOX-2210] - Gateway-level configuration for server-managed Knox token state (#259)
+** Improvement
+    * [KNOX-2339] - Add Github Actions for CI (#311)
+    * [KNOX-2321]. /LogLevel with knox not working for Hdfs web ui endpoints. (#314)
+    * [KNOX-2340] - Fix DefaultTokenStateServiceTest timeouts (#312)
+    * [KNOX-2338] - Upgrade apacheds.directory.server.version to 2.0.0.AM26 (#309)
+    * [KNOX-2332] - Upgrade spotbugs-maven-plugin to 4.0.0
+    * [KNOX-2331] - Upgrade spotbugs to 4.0.1
+    * [KNOX-2330] - Upgrade spring-core to 5.2.5.RELEASE
+    * [KNOX-2333] - Upgrade rest-assured to 4.3.0
+    * [KNOX-2322] - Upgrade nimbus-jose-jwt to 8.14.1
+    * [KNOX-2324] - Upgrade metrics to 4.1.6
+    * [KNOX-2334] - Upgrade maven-dependency-plugin to 3.1.2
+    * [KNOX-2335] - Upgrade java-support to 8.0.0
+    * [KNOX-2336] - Upgrade httpclient to 4.5.12
+    * [KNOX-2323] - Upgrade groovy to 3.0.3
+    * [KNOX-2329] - Upgrade dependency-check-maven to 5.3.2
+    * [KNOX-2327] - Upgrade commons-lang3 to 3.10
+    * [KNOX-2328] - Upgrade checkstyle to 8.31
+    * [KNOX-2326] - Upgrade bcprov-jdk15on to 1.65
+    * [KNOX-2325] - Upgrade asm to 8.0.1
+    * [KNOX-2304] - CM discovery cluster config monitor needs to be aware of … (#307)
+    * [KNOX-2320] - Upgrade xmlsec to 2.1.5
+    * [KNOX-2319] - Upgrade commons-compress to 1.20
+    * [KNOX-2315] - Fix zookeeper Kerberos Auth (#304)
+    * [KNOX-2316] - Knox Token State Eviction Must Consider Maximum Token Lifetime (#306)
+    * [KNOX-2317] - Open UI services from Knox Home page on new tabs (#305)
+    * [KNOX-2287] - KnoxCLI convert topology to provider and descriptor (#292)
+    * [KNOX-2305] - Blacklist Maven 3.6.2 and move cloudera repository to child pom (#295)
+    * [KNOX-2300] - Livy and Solr handled as both API and UI services (#294)
+    * [KNOX-2289] - Passing GatewayServer.getGatewayServices() to SimpleDescriptorHandler.handle() as it needs it to provision encryption query string password (#288)
+    * [KNOX-2286] - Cleaner log messages about monitoring topologies/providers/descriptors (#287)
+    * [KNOX-2285] - Change gateway.server.header.enabled default to false
+    * [KNOX-2284] - Handling CM descriptors after Knox shared-provider/descriptor/topology monitors are started (#285)
+    * [KNOX-2266] - Tokens Should Include a Unique Identifier (#284)
+    * [KNOX-2267] - Ambari/CM discovery - Needs to point to configured truststore
+    * [KNOX-2282] - Upgrade curator to 4.3.0
+    * [KNOX-2275] - Upgrade woodstox-core to 6.1.1
+    * [KNOX-2270] - Upgrade testcontainers to 1.13.0
+    * [KNOX-2277] - Upgrade spring-vault to 2.2.2.RELEASE
+    * [KNOX-2279] - Upgrade spring-core to 5.2.4.RELEASE
+    * [KNOX-2274] - Upgrade log4j2 to 2.13.1
+    * [KNOX-2276] - Upgrade metrics to 4.1.4
+    * [KNOX-2271] - Upgrade nimbus-jose-jwt to 8.9
+    * [KNOX-2278] - Upgrade jetty to 9.4.27.v20200227
+    * [KNOX-2272] - Upgrade jackson to 2.10.3
+    * [KNOX-2281] - Upgrade eclipselink to 2.7.6
+    * [KNOX-2280] - Upgrade cors-filter to 2.9
+    * [KNOX-2273] - Upgrade checkstyle to 8.30
+    * [KNOX-2243] - Upgrade groovy to 3.0.1
+    * [KNOX-2247] - Upgrade zookeeper to 3.5.7
+    * [KNOX-2244] - Upgrade spotbugs to 4.0.0
+    * [KNOX-2246] - Upgrade protobuf-java to 3.11.4
+    * [KNOX-2241] - Upgrade nimbus-jose-jwt to 8.8
+    * [KNOX-2242] - Upgrade metrics to 4.1.3
+    * [KNOX-2245] - Upgrade maven-checkstyle-plugin to 3.1.1
+    * [KNOX-2248] - Upgrade cryptacular to 1.2.4
+    * [KNOX-2220] - Upgrade nimbus-jose-jwt to 8.5
+    * [KNOX-2218] - Upgrade easymock to 4.2
+    * [KNOX-2219] - Upgrade checkstyle to 8.29
+    * [KNOX-2217] - Upgrade apache pom to 23
+    * [KNOX-2191] - Upgrade testcontainers to 1.12.5
+    * [KNOX-2194] - Upgrade spring-vault to 2.2.1.RELEASE
+    * [KNOX-2199] - Upgrade spring-core to 5.2.3.RELEASE
+    * [KNOX-2193] - Upgrade rest-assured to 4.2.0
+    * [KNOX-2195] - Upgrade jetty to 9.4.26.v20200117
+    * [KNOX-2192] - Upgrade httpclient to 4.5.11
+    * [KNOX-2198] - Upgrade groovy to 2.5.9
+    * [KNOX-2197] - Upgrade dependency-check-maven to 5.3.0
+    * [KNOX-2196] - Upgrade caffeine to 2.8.1
+    * [KNOX-2178] - Upgrade woodstox-core to 6.0.3
+    * [KNOX-2181] - Upgrade testcontainers to 1.12.4
+    * [KNOX-2183] - Upgrade spring-core to 5.2.2.RELEASE
+    * [KNOX-2175] - Upgrade slf4j to 1.7.30
+    * [KNOX-2180] - Upgrade protobuf-java to 3.11.1
+    * [KNOX-2173] - Upgrade nimbus-jose-jwt to 8.4
+    * [KNOX-2179] - Upgrade metrics to 4.1.2
+    * [KNOX-2184] - Upgrade maven-enforcer-plugin to 3.0.0-M3
+    * [KNOX-2177] - Upgrade log4j to 2.13.0
+    * [KNOX-2170] - Upgrade junit to 1.14
+    * [KNOX-2174] - Upgrade jetty to 9.4.25.v20191220
+    * [KNOX-2169] - Upgrade jackson to 2.10.2
+    * [KNOX-2165] - Upgrade httpcore to 4.4.13
+    * [KNOX-2172] - Upgrade guava to 28.2-jre
+    * [KNOX-2167] - Upgrade frontend-maven-plugin to 1.9.1
+    * [KNOX-2185] - Upgrade dependency-check-maven to 5.2.4
+    * [KNOX-2168] - Upgrade commons-codec to 1.14
+    * [KNOX-2176] - Upgrade cloudera-manager-api to 7.0.3
+    * [KNOX-2171] - Upgrade checkstyle to 8.28
+    * [KNOX-2182] - Upgrade aspectj to 1.9.5
+    * [KNOX-2164] - Upgrade asm to 7.3.1
+    * [KNOX-2166] - Upgrade apache pom to 22
+    * [KNOX-2143] - Upgrade shiro to 1.4.2 (#209)
+    * [KNOX-2135] - Fix YARNUIV2 RM Logs sub-links (#204)
+    * [KNOX-2142] - Upgrade jetty to 9.4.24.v20191120 (#208)
+    * [KNOX-2140] - RequestUpdateHandler.ForwardedRequest#getRequestURL needs to return a valid URL (#206)
+    * [KNOX-2074]: Tracking UI of flink session is broken in YARNUI (#174)
+    * [KNOX-2004] - Adding changes for handling Ping/Pong message from backend server on websocket connection (#200)
+    * [KNOX-2133] - Ensure that Knox always validates TLS (#203)
+    * [KNOX-2238] - CM discovery - Add TLS support to Phoenix auto discovery (#267)
+    * [KNOX-2120] - Upgrade easymock to 4.1
+    * [KNOX-2119] - Upgrade jackson to 2.10.1
+    * [KNOX-2118] - Upgrade checkstyle to 8.26
+    * [KNOX-2117] - Upgrade testcontainers to 1.12.3
+    * [KNOX-2116] - com.nimbusds:lang-tag needs a fixed version
+    * [KNOX-2115] - Improve .travis.yml (#187)
+    * [KNOX-2113] - Upgrade mina-core to 2.0.21 (#185)
+    * [KNOX-2114] - Add OWASP suppression for cas-client-core
+    * [KNOX-2098] - OWASP Add Nov 2019 suppressions for false positives (#184)
+    * [KNOX-2100] - Make sure knoxshell initializes logging by using the 'launcher' framework like other products (gateway, cli, ldap) do (#181)
+    * [KNOX-2112] - Upgrade dom4j to 2.1.1 (#183)
+    * [KNOX-2111] - Upgrade java-support to 7.5.1
+    * [KNOX-2110] - Upgrade xmlsec to 2.1.4
+    * [KNOX-2109] - Upgrade nimbus-jose-jwt to 8.2.1
+    * [KNOX-2108] - Upgrade pac4j to 3.8.3
+    * [KNOX-2107] - Upgrade spring-vault to 2.2.0.RELEASE
+    * [KNOX-2106] - Upgrade spring-core to 5.2.1.RELEASE
+    * [KNOX-1842] - Upgrade httpclient to 4.5.10 (#176)
+    * [KNOX-2075] - Druid coordinator ui is broken (#175)
+    * [KNOX-2094] - Upgrade httpcore to 4.4.12
+    * [KNOX-2081] - Upgrade zookeeper to 3.5.6
+    * [KNOX-2088] - Upgrade spring-vault to 2.1.4.RELEASE
+    * [KNOX-2077] - Upgrade spring-core to 5.2.0.RELEASE
+    * [KNOX-2093] - Upgrade slf4j to 1.7.29
+    * [KNOX-2078] - Upgrade rest-assured to 4.1.2
+    * [KNOX-2084] - Upgrade nimbus-jose-jwt to 8.2
+    * [KNOX-2085] - Upgrade metrics to 4.1.1
+    * [KNOX-2089] - Upgrade joda-time to 2.10.5
+    * [KNOX-2092] - Upgrade jna to 5.5.0
+    * [KNOX-2087] - Upgrade jetty to 9.4.22.v20191022
+    * [KNOX-2090] - Upgrade javax.inject to 2.4.0
+    * [KNOX-2079] - Upgrade jacoco-maven-plugin to 0.8.5
+    * [KNOX-2083] - Upgrade hamcrest to 2.2
+    * [KNOX-2080] - Upgrade forbiddenapis to 2.7
+    * [KNOX-2091] - Upgrade findsecbugs to 1.10.1
+    * [KNOX-2086] - Upgrade eclipselink to 2.7.5
+    * [KNOX-2082] - Upgrade dockerfile-maven-plugin to 1.4.13
+    * [KNOX-2064] - KnoxSSO knoxsso.token.ttl should not default to -1
+    * [KNOX-1981] - Upgrade spring-core to 5.1.9.RELEASE
+    * [KNOX-1977] - Upgrade spotbugs-maven-plugin to 3.1.12.2
+    * [KNOX-1974] - Upgrade protobuf-java to 3.9.1
+    * [KNOX-1979] - Upgrade dockerfile-maven-plugin to 1.4.12
+    * [KNOX-1983] - Upgrade commons-codec to 1.13
+    * [KNOX-1982] - Upgrade testcontainers to 1.12.0
+    * [KNOX-1975] - Upgrade slf4j to 1.7.27
+    * [KNOX-1978] - Upgrade nimbus-jose-jwt to 7.7
+    * [KNOX-1984] - Upgrade jna to 5.4.0
+    * [KNOX-1985] - Upgrade javax.annotation-api to 1.3.2
+    * [KNOX-1972] - Upgrade groovy to 2.5.8
+    * [KNOX-1976] - Upgrade dependency-check-maven to 5.2.1
+    * [KNOX-1973] - Upgrade cloudera-manager-api 6.2.0 to 6.3.0
+    * [KNOX-1980] - Upgrade checkstyle to 8.23
+    * [KNOX-1971] - Upgrade Hashicorp Vault test to vault:1.2.1
+    * [KNOX-2065] - Upgrade nimbus-jose-jwt to 8.1
+    * [KNOX-2061] - ConfigurableHADispatch needs to be wired up
+    * [KNOX-2059] - Upgrade bcprov-jdk15on to 1.64
+    * [KNOX-2058] - Upgrade commons-compress to 1.19
+    * [KNOX-2026] - Accept Impala's authentication cookies (#161)
+    * [KNOX-2051] - Upgrade asm to 7.2
+    * [KNOX-2050] - Upgrade jackson to 2.10.0
+    * [KNOX-2015] - Allow end-users to exclude only certain directives of the SET-COOKIE HTTP header (#154)
+    * [KNOX-2024] - Fix testNameMethod test
+    * [KNOX-1996]: Adding changes to remove extra / while generating backedn … (#142)
+    * [KNOX-2048] - Upgrade pac4j to 3.8.2
+    * [KNOX-2047] - Upgrade dependency-check-maven to 5.2.2
+    * [KNOX-2046] - Upgrade hadoop to 3.2.1
+    * [KNOX-2045] - Upgrade joda-time to 2.10.4
+    * [KNOX-2044] - Upgrade protobuf-java to 3.10.0
+    * [KNOX-2043] - Upgrade bcprov-jdk15on to 1.63
+    * [KNOX-2042] - Upgrade testcontainers to 1.12.1
+    * [KNOX-2041] - Upgrade rest-assured to 4.1.1
+    * [KNOX-2040] - Upgrade commons-text to 1.8
+    * [KNOX-2039] - Upgrade checkstyle to 8.24
+    * [KNOX-2038] - Upgrade guava to 28.1-jre
+    * [KNOX-2037] - Upgrade nimbus-jose-jwt to 7.8
+    * [KNOX-2029] - Upgrade log4j2 to 2.12.1
+    * [KNOX-2030] - Upgrade frontend-maven-plugin to 1.8.0
+    * [KNOX-2031] - Upgrade slf4j to 1.7.28
+    * [KNOX-2032] - Upgrade cglib to 3.3.0
+    * [KNOX-2033] - Upgrade commons-beanutils to 1.9.4
+    * [KNOX-2034] - Upgrade jetty to 9.4.20.v20190813
+    * [KNOX-2035] - Upgrade maven-bundle-plugin to 4.2.1
+    * [KNOX-2036] - Upgrade cors-filter to 2.8
+    * [KNOX-2028] - Upgrade jackson to 2.9.10
+    * [KNOX-1939] - Upgrade jackson-databind to 2.9.9.1
+    * [KNOX-1950] - YARN v2 UI - Tools - Yarn Daemon Logs - /logs/stacks link broken
+    * [KNOX-1949] - CM discovery - Improve efficiency of discovery
+    * [KNOX-1938] - Upgrade nimbus-jose-jwt to 7.5.1
+    * [KNOX-1945] - Upgrade spring-vault to 2.1.3.RELEASE
+    * [KNOX-1944] - Upgrade protobuf-java to 3.9.0
+    * [KNOX-1942] - Upgrade spotbugs-maven-plugin to 3.1.12.1
+    * [KNOX-1937] - Upgrade testcontainers to 1.11.4
+    * [KNOX-1936] - Upgrade log4j2 to 2.12.0
+    * [KNOX-1941] - Upgrade joda-time to 2.10.3
+    * [KNOX-1943] - Upgrade dependency-check-maven to 5.2.0
+    * [KNOX-1940] - Upgrade commons-text to 1.7
+    * [KNOX-1924] - Upgrade org.abstractj.libpam4j 1.9.1 to org.kohsuke.libpam4j 1.11 (#116)
+    * [KNOX-1923] - Upgrade nodejs to latest LTS v10.16.0 (#117)
+    * [KNOX-2010] - Upgrade zookeeper to 3.5.5 (#152)
+    * [KNOX-2203] - Upgrade admin-ui npm dependencies (#245)
+    * [KNOX-1969] - Upgrade jackson-databind to 2.9.9.3
+    * [KNOX-1966] - Upgrade jackson-databind to 2.9.9.2
+    * [KNOX-1885] - Upgrade jetty to 9.4.19.v20190610
+    * [KNOX-2301] - Trigger discovery for descriptors at gateway start time
+    * [KNOX-2302] - Skip re-deployment of generated topology if the topology has not changed (#297)
+    * [KNOX-2265] - Checking CM configs by their related names and read hive.server2.use.SSL from the service configuration (#280)
+    * [KNOX-2263] - Docker - make sure not to put anything except version in the tag (#279)
+    * [KNOX-2258] - Add filter for Location header (#277)
+    * [KNOX-2258] - Add new rewrite rule in Livy service for handling redirect requests to /ui (#276)
+    * [KNOX-2212] - Token permissiveness (#274)
+    * [KNOX-2249] - Add Spark 3 History Server definition (#270)
+    * [KNOX-2250] - maven-antrun-plugin use target instead of tasks (#273)
+    * [KNOX-2239] - Websocket use the configured truststore in gateway-site config file (#269)
+    * [KNOX-2230] - Token State Service should throw UnknownTokenException instead of IllegalArgumentException (#268)
+    * [KNOX-2237] - CM service discovery should default the http path of Hive URLs when the associated property is not set (#266)
+    * [KNOX-2161] - CM generated descriptors are read-only on Admin UI (#265)
+    * [KNOX-2233] - DefaultKeystoreService getCredentialForCluster uses cache without synchronization (#264)
+    * [KNOX-2189] - KnoxShellTable.select() must handle whitespace (#256)
+    * [KNOX-2214] - Periodic job to evict expired tokens (#257)
+    * [KNOX-2228] - JWTFilter should handle unknown token exception from token state service (#260)
+    * [KNOX-2227] - Strip Leading and Trailing Whitespace from Headers in KnoxShellTable (#258)
+    * [KNOX-2222] - Fix HBase UI Proxying for HBCK Report page (#254)
+    * [KNOX-2207] - TokenStateService revocation should remove persisted token state (#252)
+    * [KNOX-2215] - Token service should return a 403 response when the renewer is not white-listed (#251)
+    * [KNOX-2213] - Service Discovery Support for CM UI, API (#249)
+    * [KNOX-2209] - Improve logging for Knox token handling (#250)
+    * [KNOX-2206] - Log exclusion of a discovered service due to configuration issues (#248)
+    * [KNOX-2208] - AclsAuthorizationFilter should log access at DEBUG level (#247)
+    * [KNOX-2204] - KnoxLine NPE list datasources when directories don't exist (#246)
+    * [KNOX-2202] - Knox should use UTF-8 as default encoding instead of ISO-8859-1 (#244)
+    * [KNOX-2190] - Processing advanced service discovery configuration on topology level (#242)
+    * [KNOX-2188] - Handling discovery details via advanced configuration (#240)
+    * [KNOX-1742] - Simple SQL Client in KnoxShell for access to JDBC sources (#241)
+    * [KNOX-2186] - Advanced service discovery configuration handling (#238)
+    * [KNOX-2128] - fix javadoc warnings/errors
+    * [KNOX-2128] - Custom DataSource and SQL Commands for KnoxShell and KnoxShellTable (#231)
+    * [KNOX-2160] - Introducing Hadoop XML type descriptor format (#236)
+    * [KNOX-2162] - Log no rewrite rule found at DEBUG level
+    * [KNOX-1951] - Service Discovery Support for NiFi and NiFi Registry UI (#235)
+    * [KNOX-718 ] - KnoxSSO login page doesn't display any feedback on error (#234)
+    * [KNOX-2157] - Verifying the server's state in addition to PID check at gateway start and registering shutdown hook in order to stop the server gracefully. (#230)
+    * [KNOX-2149] - Added JWT OIDC Verification based on JWKS Urls and extract custom claim
+    * [KNOX-2101] - knoxshell doesn't handle invalid TLS well (#232)
+    * [KNOX-2148] - ZEPPELINUI service definition should pass query parameters for API
+    * [KNOX-2156] - CM discovery - KUDUUI discovery (#228)
+    * [KNOX-2155] - KnoxSSO should handle multiple cookies with the same name
+    * [KNOX-2154] - Allow KNOX service during topology generation without URLs and parameters (#226)
+    * [KNOX-2147] - Mask username/password in case we display call history and keep them safely (by setting proper file permissions) in JSON file (#217)
+    * [KNOX-2152] - Disable Ambari cluster configuration monitoring by default (#225)
+    * [KNOX-2151] - HIVE_ON_TEZ HS2 Discovery doesn't work (#224)
+    * [KNOX-1970] - CM discovery - Add Impala HS2 to auto discovery (#223)
+    * [KNOX-2134] - Checking if password/alias is available via local alias service before going to fetch it from remote ZK server (#218)
+    * [KNOX-1932] - CM discovery - WEBHCAT URLs not discovered (#222)
+    * [KNOX-1921] - CM discovery - Hue Load balancer HTTP/HTTPS scheme (#221)
+    * [KNOX-2123] - Setting requestURI using the given servletRequest in case the service is unavailable and logging it with the appropriate action outcome (#219)
+    * [KNOX-1935] - CM discovery - Hue should not have both LB and non LB (#220)
+    * [KNOX-2136] - Caching credentials in DefaultKeystoreService when an alias is being added or loaded from keystore and using a different cache implementation (#213)
+    * [KNOX-1962] - CM discovery - Avoid reading krb5 login config multiple t… (#215)
+    * [KNOX-2132] - JDBCKnoxShellTableBuilder should have optional username and password fields
+    * [KNOX-2144] - Alias API KnoxShell support should provide response types better than raw JSON (#211)
+    * [KNOX-2145] - WhitelistUtils should have an HTTPS_ONLY template (#212)
+    * [KNOX-2131] - Fixed sonarcloud bugs (#201)
+    * [KNOX-2127] - ZooKeeperAliasService mishandles mixed-case alias keys properly (#202)
+    * [KNOX-2053] - Ensure secure XML processing
+    * [KNOX-2122] - Use static base class constants
+    * [KNOX-2130] - Handle InterruptedException better (#199)
+    * [KNOX-2122] - Misc code cleanup (#198)
+    * [KNOX-2129] - Improve deprecated javadoc (#197)
+    * [KNOX-1997] - Fix diamond operator compiliation error
+    * [KNOX-1997] - Adding changes to buffer messages from backend in onMessag… (#143)
+    * [KNOX-2122] - Remove deprecated API usages (#194)
+    * [KNOX-2103] - Fix javadoc errors
+    * [KNOX-1718] - Hide org.apache.directory.api.ldap.model.entry.Value errors (#193)
+    * [KNOX-2122] - Use ThreadLocalRandom
+    * [KNOX-2103] - Make responseExcludeHeaders parameter in ConfigurableDispatch case insensitive (#192)
+    * [KNOX-2122] - Code cleanup from static code analysis (#191)
+    * [KNOX-2121] - Zookeeper - Reduce amount of resources required to run tests (#190)
+    * [KNOX-2099] - Using the default port of the protocol when no port is declared in the URL when building truststore. (#189)
+    * [KNOX-2104] - Removing redundant resource cleanup so that data table can keep track of its activePage/rowsOnTable attributes (#179)
+    * [KNOX-2105] - KnoxShell support for token renewal and revocation (#180)
+    * [KNOX-1878] - Enforce single version of dependencies (#102)
+    * [KNOX-2071] - Configurable maximum token lifetime for TokenStateService (#178)
+    * [KNOX-2025] - KnoxShellTable - Join Builder on Method should accept Col Names (#172)
+    * [KNOX-2068] - Let end-users add a new service definition from scratch (#173)
+    * [KNOX-2072] - Kudu web UI service definition (#171)
+    * [KNOX-2070] - SSOCookieFederationFilter NPE (#170)
+    * [KNOX-2066] - pom clean up
+    * [KNOX-2014] - Make sure ATLASSESSIONID cookie is set (#150)
+    * [KNOX-2013] - CM discovery - Add Phoenix to auto discovery (#148)
+    * [KNOX-1914] - New admin API to be used by the UI to fetch available service discovery types (#147)
+    * [KNOX-2017] - Making Cloudera repository available in Knox's parent POM so that Cloudera dependencies are available in every children project (#149)
+    * [KNOX-2016] - KnoxShellTable SQL Builder, Col Select, Sort
+    * [KNOX-1998] - WebHDFS rewrite.xml does not have rewrite rule for Location field in json (#138)
+    * [KNOX-1994] - Update Ranger API service definition to allow separate URL patterns
+    * [KNOX-2007] - Ensure wait for vault to start on exposed port
+    * [KNOX-1788] - New XSS Provider is added to Web Application Security Provider List (#141)
+    * [KNOX-2005] - Improvements to KnoxShellTable
+    * [KNOX-2001] - KnoxSession should log a warning message when useSubjectCredsOnly is false
+    * [KNOX-2000] - KnoxSession should not set javax.security.auth.useSubjectCredsOnly
+    * [KNOX-1999] - Make WEBHDFS rule that rewrites hdfs:// local (#139)
+    * [KNOX-1992] - Add a service definition for Impala's debug web pages (#137)
+    * [KNOX-1994] - Update Ranger API service definition to allow separate URL patterns (#136)
+    * [KNOX-1934] - Setting the default value of knoxsso.cookie.secure.only based on ssl.enabled flag in gateway-site.xml (#134)
+    * [KNOX-1990] - Testing non-existing/non-parsable JAAS configuration in sequential order even if parallel test execution is enabled (#133)
+    * [KNOX-1957] - Optional APP_JAVA_OPTS are handled properly (#131)
+    * [KNOX-1952] - Add NiFi Registry service definition (#128)
+    * [KNOX-1988] - In Spark History Server UI, make links for Executor logs point to YARN UI v2 (#132)
+    * [KNOX-1986] - Do not attempt to rewrite empty payload (#129)
+    * [KNOX-1967] - Add a service definition for Impala Hiveserver2 (#127)
+    * [KNOX-1694] - Prevent port mapped topologies from being exposed to gateway port (#126)
+    * [KNOX-1963] - Ranger API service should proxy xusers/users and and xusers/groups
+    * [KNOX-1959] - HadoopAuthCookieStore should not read krb5 login config each time
+    * [KNOX-1956] - Improve AdminUI development by using angular proxy conf (#122)
+    * [KNOX-1948] - If no rules are defined don't rewrite (#121)
+    * [KNOX-1588] - YARN v2 UI - Make sure that Spark and MR Job history links are handled
+    * [KNOX-1927] - CM discovery - ZEPPELINUI / ZEPPELINWS urls are not discovered
+    * [KNOX-1928] - CM discovery - Multiple of same url are added to descriptor
+    * [KNOX-1593] - YARN v2 UI - Application - View logs for running application
+    * [KNOX-1925] - KnoxPamRealm code cleanup
+    * [KNOX-1922] - Processing a DNSName only if the hostname starts with a letter (#115)
+    * [KNOX-1816] - Added shellcheck validation to our build optionally and fixed issues shellcheck already found (#114)
+    * [KNOX-1919] - Taking gateway.path into consideration when processing redirectToUrl provider param with the OOTB knoxsso.xml sample (#113)
+    * [KNOX-1917] - DefaultKeystoreService should use a shared read lock (#110)
+    * [KNOX-1916] - Provide default configuration for Hue in topology (#109)
+    * [KNOX-1911] - Support ClouderaManager Service Discovery in Admin UI
+** Bug
+    * [KNOX-2262] - Accessing hbase logs through knox exposes hbase endpoint url instead of routing through knox
+    * [KNOX-2314] - NPE from topology Service equals implementation when no URLs (#303)
+    * [KNOX-2008] - Fix Broken RM Home Link in YARN UI.
+    * [KNOX-2007] - TestHashicorpVaultAliasService fails if a process is already bound to port 8200
+    * [KNOX-1590] - YARN v2 UI - Application - ApplicationMaster link is broken
+    * [KNOX-1915] - X509CertificateUtil SAN should contain fully qualified hostname
+    * [KNOX-1918] - Atlas API - prevent global HDFS rules from triggering (#111)
+    * [KNOX-1933] - Add rewrite rules to fix Yarn RM application and logs URL (#119)
+    * [KNOX-1744] - Add rewrite rules to fix executor stdout/stderr links in Spark History Server UI (#120)
+    * [KNOX-1929] - CM discovery - HIVE URLs not discovered when HIVE_ON_TEZ is deployed
+    * [KNOX-1930] - CM discovery - JOBTRACKER URLs not discovered
+    * [KNOX-1964] - YARN v1 UI - ContainerLogs link broken for Running Jobs
+    * [KNOX-1955] - Admin UI should handle gateway.path change (#123)
+    * [KNOX-1968] - YARN UI V2 proxied via Knox does not rewrite Spark stderr/stdout links
+    * [KNOX-1995] - If a rule doesn't match, shouldn't error. Need to handle null case
+    * [KNOX-2259] - KNOX-2260 KNOX-2261 - Fixed Impala/Kudu/HBase UI context path in service metadata (#282)
+    * [KNOX-1958] - YARN v2 UI - internal links of History and ApplicationMaster Pages.
+    * [KNOX-2021] - Fix typo in gateway-docker/README.md (#155)
+    * [KNOX-2012] - Fix an issue where multiple sessions are created during Ranger login (#146)
+    * [KNOX-2011] - Don't block SET-COOKIE response header for Ranger UI (#144)
+    * [KNOX-1987] - knox failed to start because knoxcli failed with "java.lan…g.NoSuchFieldError: DEFAULT_XML_TYPE_ATTRIBUTE" (#130)
+    * [KNOX-2231] - Fix KnoxSSO OIDC integration (#262)
+    * [KNOX-2229] - Knox shouldn't exclude Kerby since it is used by Hadoop
+    * [KNOX-2200] - DefaultKeystoreService can lose entries under concurrent access (#243)
+    * [KNOX-2002] - Fix KnoxShellTableTest build errors
+    * [KNOX-1742] - Fix javadoc warning
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.3.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-1880] - Support doAs for Cloudera Manager service discovery API interactions
+    * [KNOX-1862] - Add Service Definition for Hue UI (#97)
+    * [KNOX-1875] - Cloudera Manager service discovery
+    * [KNOX-1855] - Add Service Definition for Cloudera Manager API (#88)
+    * [KNOX-1774] - Introduce environment variables in gateway/knoxcli/ldap/knoxshell scripts for customization (#65)
+    * [KNOX-1687] - Hashicorp Vault RemoteAliasService provider
+    * [KNOX-1418] - Add KnoxShell command to build truststore using the gateway server's public certificate (#60)
+    * [KNOX-1285] - Create Apache Knox Dockerfile and image
+** Improvement
+    * [KNOX-1912] - X509CertificateUtil should set CN and SAN
+    * [KNOX-1905] - Upgrade maven-pmd-plugin to 3.12.0
+    * [KNOX-1886] - Upgrade spotbugs-maven-plugin to 3.1.12
+    * [KNOX-1910] - Upgrade rest-assured to 4.0.0
+    * [KNOX-1909] - Upgrade javax.annotation-api to 1.3.1
+    * [KNOX-1908] - Upgrade checkstyle to 8.22
+    * [KNOX-1890] - Upgrade testcontainers to 1.11.3
+    * [KNOX-1907] - Upgrade pac4j to 3.7.0
+    * [KNOX-1884] - Upgrade spring-core to 5.1.8.RELEASE
+    * [KNOX-1899] - Upgrade shiro to 1.4.1
+    * [KNOX-1882] - Upgrade protobuf-java to 3.8.0
+    * [KNOX-1883] - Upgrade nimbus-jose-jwt to 7.3
+    * [KNOX-1897] - Upgrade metrics to 4.1.0
+    * [KNOX-1898] - Upgrade maven-compiler-plugin to 3.8.1
+    * [KNOX-1891] - Upgrade maven-checkstyle-plugin to 3.1.0
+    * [KNOX-1903] - Upgrade frontend-maven-plugin to 1.7.6
+    * [KNOX-1895] - Upgrade joda-time to 2.10.2
+    * [KNOX-1902] - Upgrade maven-bundle-plugin to 4.2.0
+    * [KNOX-1885] - Upgrade jetty to 9.4.19.v20190610
+    * [KNOX-1904]- Upgrade jna to 5.3.1
+    * [KNOX-1887]- Upgrade dependency-check-maven to 5.0.0
+    * [KNOX-1888] - Upgrade bcprov-jdk15on to 1.62
+    * [KNOX-1901] - Upgrade jansi to 1.18
+    * [KNOX-1893] - Upgrade jacoco-maven-plugin to 0.8.4
+    * [KNOX-1892] - Upgrade jackson to 2.9.9
+    * [KNOX-1906] - Upgrade guava to 28.0-jre
+    * [KNOX-1894] - Upgrade groovy to 2.5.7
+    * [KNOX-1900] - Upgrade commons-lang3 to 3.9
+    * [KNOX-1889] - Upgrade checkstyle to 8.21
+    * [KNOX-1896] - Upgrade cglib to 3.2.12
+    * [KNOX-1881] - DefaultKeystoreService should use Java NIO API locking as well
+    * [KNOX-1877] - Atlas service definitions should default to trusted proxy
+    * [KNOX-1876] - Zeppelin should default to trusted proxy for service definition (#100)
+    * [KNOX-1874] - Ignore irrelevant files in service definition directories (#99)
+    * [KNOX-1872] - Update Ranger service definitions to support trusted proxy
+    * [KNOX-1848] - Default to 'zookeeper' as remote alias configuration type in case it is not set in gateway-site.xml (#93)
+    * [KNOX-1858] - Add service name to X-Forwarded-Context header (#90)
+    * [KNOX-1859] - Improve alias lookup for HadoopAuthProvider (#89)
+    * [KNOX-1861] - KnoxSession should support configurable useSubjectCredsOnly system property setting
+    * [KNOX-1857] - YARNUIV2 fails with Authentication Required with kerberos authentication type (Prabhu Joseph via Kevin Risden)
+    * [KNOX-1827] - Knox Fails to Rewrite WebFonts for Zeppelin (#76)
+    * [KNOX-1851] - remove the unnecessary instanceof check (#87)
+    * [KNOX-1841] - Upgrade zookeeper to 3.4.14
+    * [KNOX-1846] - Upgrade testcontainers to 1.11.1
+    * [KNOX-1845] - Upgrade spring-core to 5.1.6.RELEASE
+    * [KNOX-1840] - Upgrade protobuf-java to 3.7.1
+    * [KNOX-1847] - Upgrade findsecbugs to 1.9.0
+    * [KNOX-1843] - Upgrade dependency-check-maven to 5.0.0-M2
+    * [KNOX-1850] - KnoxSession should honor the current subject for Kerberos login
+    * [KNOX-1849] - Start the Java process with 'exec' when running the app in foreground (#85)
+    * [KNOX-1844] - Upgrade checkstyle to 8.19
+    * [KNOX-1819] - Ensure services are started and stopped in the correct order (#82)
+    * [KNOX-1837] - Remove jersey-common from top level pom
+    * [KNOX-1836] - Migrate from commons-lang to commons-lang3
+    * [KNOX-1837] - Remove ServiceTestResource glassfish Base64 dependency
+    * [KNOX-1835] - Jupyter Enterprise Gateway - KERNEL_USERNAME should be added when not present (#79)
+    * [KNOX-1832] - KnoxSession handling of JAAS config for kerberos auth is not deterministic
+    * [KNOX-1828] - Fix javadoc warning for test
+    * [KNOX-1804] - Moving copy-pasted bash functions to knox-function.sh (#71)
+    * [KNOX-1824] - Upgrade guava to 27.1-jre
+    * [KNOX-1823] - Upgrade protobuf-java to 3.7.0
+    * [KNOX-1822] - Upgrade dependency-check-maven to 5.0.0-M1
+    * [KNOX-1814]- Moving conf/data folder checking to Java layer from bash (#68)
+    * [KNOX-1812] - The Knox Gateway truststore should be configurable (#69)
+    * [KNOX-1815] - Removed Windows scripts (#67)
+    * [KNOX-1111] - 2-way SSL Truststore and Keystore Improvements (#74)
+    * [KNOX-1820] - Cleanup KeystoreService implementations and add unit tests (#72)
+    * [KNOX-1804] - Fix variable *_FOREGROUND_* defaults
+    * [KNOX-1826] - Replace zip4j with ShrinkWrap
+    * [KNOX-1810] - Upgrade frontend-maven-plugin to 1.7.5
+    * [KNOX-1811] - Upgrade pac4j to 3.6.1
+    * [KNOX-1809] - Upgrade spotbugs to 3.1.12
+    * [KNOX-1807] - Upgrade curator to 4.2.0
+    * [KNOX-1808] - Upgrade asm to 7.1
+    * [KNOX-1803] - Stop redirecting stderr & stdout to a file when the server runs in the foreground (#64)
+    * [KNOX-1801] - Master secret is incorrectly assumed when a custom truststore is not specified when clientauth is enabled (#63)
+    * [KNOX-1802] - Ranger /service/plugins and healthcheck endpoint needs to be exposed through Knox.
+    * [KNOX-474] - Improve Kerberos config validation and diagnostics at startup (#62)
+    * [KNOX-1789] - Refactor RemoteAliasService to use service loading (#59)
+    * [KNOX-1793] - DefaultKeystoreService should not validate the signing key on initialization (#61)
+    * [KNOX-1799] - Upgrade nimbus-jose-jwt to 7.0.1
+    * [KNOX-1800] - Upgrade mina-core to 2.0.20
+    * [KNOX-1798] - Upgrade checkstyle to 8.18
+    * [KNOX-1791] - MasterService should be a field on GatewayServices - replace "Master Service" with (new) constant, reordered constants in GatewayServices (#58)
+    * [KNOX-1756] - Knox Gateway TLS Keystore and Alias Should be Configurable (#56)
+    * [KNOX-1787] - Use same SecureRandom that DefaultAliasService used
+    * [KNOX-1787] - Create PasswordUtils class in gateway-util-common
+    * [KNOX-1786] - Use mocking to simplify DefaultRemoteConfigurationMonitorTest
+    * [KNOX-1162] - Logging stacktrace for FATAL messages and displaying a meaningful error message in case of missing/non-parsable JAAS configuration (#55)
+    * [KNOX-1784] - Upgrade bootstrap to 3.4.1
+    * [KNOX-1780] - Upgrade slf4j to 1.7.26
+    * [KNOX-1781] - Upgrade commons-codec to 1.12
+    * [KNOX-1782] - Upgrade jetty to 9.4.15.v20190215
+    * [KNOX-1777] - Move pac4j version/dependencies to top level pom.xml
+    * [KNOX-1778] - Update Copyright year to 2019
+    * [KNOX-1709] - Limit parallelism for slower laptops
+    * [KNOX-1760] - Created Pull Request template (#51)
+    * [KNOX-1775] - Cleanup test timeout handling
+    * [KNOX-1773] - Docker start gateway/ldap in the foreground
+    * [KNOX-1771] - Upgrade spotbugs-maven-plugin to 3.1.11
+    * [KNOX-1769] - Upgrade nimbus-jose-jwt to 7.0
+    * [KNOX-1767] - Upgrade log4j2 to 2.11.2
+    * [KNOX-1770] - Upgrade groovy to 2.5.6
+    * [KNOX-1768] - Upgrade bcprov-jdk15on to 1.61
+    * [KNOX-1772] - Upgrade angular-cli to 1.7.4
+    * [KNOX-1709] - Allow tests to run in parallel
+    * [KNOX-1758] - New Ant target to ease starting test servers enabling remote debugging
+    * [KNOX-1757] - Increasing test timeout from 1 second to 3 seconds (Sandor Molnar via Kevin Risden)
+    * [KNOX-1755] - Revert upgrade httpclient to 4.5.7 due to HTTPCLIENT-1968
+    * [KNOX-1754] - Upgrade pac4j to 3.5.0
+    * [KNOX-1753] - Upgrade jacoco-maven-plugin to 0.8.3
+    * [KNOX-1752] - Upgrade httpclient to 4.5.7
+    * [KNOX-1751] - Upgrade checkstyle to 8.17
+    * [KNOX-1792] - AliasService start should only be called once in DefaultGatewayServices
+    * [KNOX-1750] - Unable to view descriptor service params
+    * [KNOX-1559] - Create Dispatch implementation that is configurable via service.xml file
+    * [KNOX-1747] - Upgrade spotbugs to 3.1.11
+    * [KNOX-1746] - Upgrade httpcore to 4.4.11
+    * [KNOX-1748] - Upgrade eclipselink to 2.7.4
+    * [KNOX-1745] - Upgrade hadoop to 3.2.0
+    * [KNOX-1738] - Upgrade nimbus-jose-jwt to 6.7
+    * [KNOX-1739] - Upgrade spring-core to 5.1.4.RELEASE
+    * [KNOX-1737] - Remote configuration monitor start should not be attempted if config is not defined
+    * [KNOX-1736] - Upgrade rest-assured to 3.3.0
+    * [KNOX-1735] - Upgrade admin-ui bootstrap to 3.4.0
+    * [KNOX-1710] - Reuse JAXBContext since they are thread safe
+    * [KNOX-1731] - Gateway Admin UI should not include external js/css
+    * [KNOX-1728] - Allow custom parameters to be passed to dispatches
+    * [KNOX-1727] - Values should not be forced in query parameters when proxying through Knox
+    * [KNOX-1721]- Upgrade dependency-check-maven to 4.0.2
+    * [KNOX-1724] - Upgrade rat plugin to 0.13
+    * [KNOX-1723] - Upgrade dropwizard metrics to 4.0.5
+    * [KNOX-1722] - Upgrade checkstyle to 8.16
+    * [KNOX-1716] - Upgrade hamcrest to 2.1
+    * [KNOX-1717] - Enable PMD incremental analysis
+    * [KNOX-1715] - Upgrade jna to 5.2.0
+    * [KNOX-1712] - Upgrade spotbugs-maven-plugin to 3.1.10
+    * [KNOX-1713] - Upgrade dropwizard metrics to 4.0.4
+    * [KNOX-1714] - Upgrade groovy to 2.5.5
+    * [KNOX-1711] - Provide Endpoint Public Cert for KnoxToken
+    * [KNOX-1679] - Add Alias API service
+    * [KNOX-1679] - Review fixes
+    * [KNOX-1708] - Cleanup admin-ui lint errors
+    * [KNOX-1707] - Gateway Admin UI should have the right version
+    * [KNOX-1705] - Fix including gateway-admin-ui module
+    * [KNOX-1679] - Add Alias API service
+    * [KNOX-1705] - Integrate gateway-admin-ui into Maven build
+    * [KNOX-1703] - Cleanup old System.out debugging lines
+    * [KNOX-1702]- Use Boolean.parseBoolean instead of true.equals
+    * [KNOX-1701] - Use hamcrest assertThat instead of junit
+    * [KNOX-1700] - Tests should not extend org.junit.Assert
+    * [KNOX-1696] - Upgrade nimbus-jose-jwt to 6.5.1
+    * [KNOX-1697] - Upgrade curator to 4.1.0
+    * [KNOX-1690] - Update pom.xml with new git url
+    * [KNOX-1691] - Update doap_Knox with gitbox location
+    * [KNOX-1686] - XmlFilterReader - Ensure XPath and XPathFactory thread safety
+    * [KNOX-1684] - Avoid NPE for deployments in GatewayServer
+    * [KNOX-1685] - MockServlet - avoid mutable instance variables
+    * [KNOX-1683] - Ensure truststorePass is set in KnoxSession
+    * [KNOX-1682] - Upgrade dependency-check-maven to 4.0.1
+    * [KNOX-1681] - Upgrade spotbugs to 3.1.10
+    * [KNOX-1663] - Checkstyle - Enable EqualsAvoidNullCheck and don't instantiate Boolean
+    * [KNOX-1768] - Upgrade Jackson to 2.9.8
+    * [KNOX-1677] - Use try-with-resources to ensure that resources are closed
+    * [KNOX-1527] - Bump apacheds dependency version to 2.0.0-AM25
+    * [KNOX-1676] - Enable PMD for tests
+    * [KNOX-1638] - Migrate from apacheds-all to specific apacheds dependencies
+    * [KNOX-1673] - Upgrade cglib to 3.2.10
+    * [KNOX-1568] - Upgrade nimbus-jose-jwt to 6.5
+    * [KNOX-1672] - Cleanup deprecated API usage
+    * [KNOX-1671] - Cleanup misc logic errors identified by Sonarqube
+    * [KNOX-1669] - Enable PMD code style rules
+    * [KNOX-1668] - Enable PMD multithreading ruleset
+    * [KNOX-1667] - Enable PMD error prone ruleset
+    * [KNOX-1666] - Enable PMD best practices ruleset
+    * [KNOX-503] - Tests which include expected unreachable hosts fail with wildcard DNS records (Kristopher Kane, Kevin Risden)
+    * [KNOX-1615] - Enable PMD for source analysis
+    * [KNOX-1664] - Miscellaneous code cleanup
+    * [KNOX-1663] - Enforce more Checkstyle rules
+    * [KNOX-1618] - Add dropwizard metrics-jvm support
+    * [KNOX-1623] - Fix jenkins build - 2
+    * [KNOX-1364] - Cookie scoping path should contain the topology name (Laszlo Nardai via Kevin Risden)
+    * [KNOX-1662] - Avoid GatewayTestDriver NPE on ldap stop
+    * [KNOX-1659] - Upgrade spring-core to 5.1.3.RELEASE
+    * [KNOX-1656] - Upgrade checkstyle to 8.15
+    * [KNOX-1658] - Upgrade spotbugs-maven-plugin to 3.1.9
+    * [KNOX-1657] - Upgrade easymock to 4.0.2
+    * [KNOX-1660] - OWASP Add suppressions for false positives
+    * [KNOX-1623] - Fix jenkins failure and minor doc changes
+    * [KNOX-1650] - HA dispatcher for Atlas with knox trusted proxy (Nixon Rodrigues via Kevin Risden)
+    * [KNOX-1623] - Kerberos support for KnoxShell
+** Bug
+    * [KNOX-1879] - HDFSUI service definition doesn't work with DefaultHaDispatch
+    * [KNOX-1870] - Zeppelin UI service definition service.xml has wrong version
+    * [KNOX-1868] - HBase UI changes from KNOX-1866 aren't picked up due to service.xml version (#95)
+    * [KNOX-1866] - Fix HBase UI proxying (#94)
+    * [KNOX-1864] - Knox returns HTTP 405 Method Not Allowed error with HTTP PATCH method (#91)
+    * [KNOX-1856] - Incorrect error message in case there is no 'gateway-identity' certificate in the configured keystore (#92)
+    * [KNOX-1854] - Admin UI read-only topology message typo
+    * [KNOX-1851] - Fix NPE in Zookeeper Remote Alias Service (#86)
+    * [KNOX-1830] - Fix sporadic Illegal character error in TestHashicorpVaultAliasService
+    * [KNOX-1828] - Fix Websocket Message Size (#75)
+    * [KNOX-1789] - Fix RemoteAliasService fallback after KNOX-1756
+    * [KNOX-1191] - Azure AD support for KnoxSSO
+    * [KNOX-1733] - Spark History UI Version is Not Correct in the XML
+    * [KNOX-1647] - Identity Assertion should not modify order of query params
+    * [KNOX-1680] - KnoxTokenCredentialCollector results in IndexOutOfBounds exception
+    * [KNOX-1615] - Fix mvn site
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.2.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-1343] - Support Ganglia for Knox (Mert Hocanin via Kevin Risden)
+    * [KNOX-1421] - Enable OWASP Dependency Check
+    * [KNOX-1549] - KnoxSSO should support signing keys per topology
+
+** Improvement
+    * [KNOX-16] - Implement IdentityAsserterHttpServletRequestWrapper.ServletInputStreamWrapper methods for performance
+    * [KNOX-1011] - Add ldap.port system property to configure LDAP demo server port (Attila Csoma via Kevin Risden)
+    * [KNOX-1112] - KnoxShell support for managing simple descriptors
+    * [KNOX-1291] - ssl.include|exclude.ciphers & ssl.exclude.protocols support comma or pipe separated lists
+    * [KNOX-1359] - Disable kerberos debugging by default
+    * [KNOX-1401] - Add HAL+JSON To the List of JSON Content Types (William Watson via Sandeep More)
+    * [KNOX-1411] - WEBHBASE service discovery references incorrect property for the port
+    * [KNOX-1440] - WEBHDFS: retry should not be attempted for datanode write failures
+    * [KNOX-1441] - Enable spotbugs for static build checking
+    * [KNOX-1442] - Enable forbiddenapis for static build checking
+    * [KNOX-1443] - Add checkstyle to enforce coding style
+    * [KNOX-1444] - Upgrade to ASF POM version 21
+    * [KNOX-1448] - Maven pom dependency cleanup
+    * [KNOX-1460] - Zookeeper tests should call close() instead of stop()
+    * [KNOX-1461] - Remove JRE/JDK 1.7 check introduced by KNOX-769
+    * [KNOX-1464] - Remove explicit guava dependency from gateway-server InstrUtils
+    * [KNOX-1465] - Remove explicit guava dependency from gateway-provider-ha
+    * [KNOX-1466] - Remove explicit guava dependency from gateway-provider-rewrite-func-inbound-query-param
+    * [KNOX-1467] - Remove explicit guava dependency from gateway-provider-security-preauth
+    * [KNOX-1468] - Remove explicit guava dependency from gateway-service-nifi
+    * [KNOX-1474] - Bump apacheds dependency version to 2.0.0-AM24
+    * [KNOX-1475] - Bump shrinkwrap dependency versions
+    * [KNOX-1477] - Bump commons-* dependency versions
+    * [KNOX-1478] - Support running checkstyle from submodules
+    * [KNOX-1479] - Replace Mockito usage with EasyMock
+    * [KNOX-1484] - Bump version dependencies Oct 2018
+    * [KNOX-1501] - Upgrade hadoop to 3.1.1
+    * [KNOX-1511] - Enable forbiddenapis commons-io signatures
+    * [KNOX-1512] - Replace deprecated EasyMock new Capture() calls
+    * [KNOX-1516] - Upgrade Jetty to 9.4.12
+    * [KNOX-1518] - Large HDFS file downloads are incomplete when content is gzipped
+    * [KNOX-1521] - Implement UrlRewriteRequestStream methods for performance
+    * [KNOX-1522] - Add HA support for HadoopAuthProvider
+    * [KNOX-1528] - Remove hadoop-common dependency from gateway-spi module
+    * [KNOX-1530] - Improve Gzip Compression Handling Performance
+    * [KNOX-1537] - Cleanup gateway-group no value errors
+    * [KNOX-1538] - Remove TODO Auto-generated
+    * [KNOX-1540] - Use StandardCharsets where possible
+    * [KNOX-1544] - KnoxTokenCredentialCollector should not call System.exit()
+    * [KNOX-1545] - KnoxTokenCredentialCollector should expose the type of the collected token
+    * [KNOX-1546] - Fix javadoc errors and warnings
+    * [KNOX-1547] - Add Ability to set the Truststore Location and Password to KnoxShell
+    * [KNOX-1553] - Update documentation to reference org.apache.knox instead of org.apache.hadoop.gateway
+    * [KNOX-1554] - Allow Knox site to be built with JDK 11
+    * [KNOX-1555] - Update DOAP file
+    * [KNOX-1630] - Generate sha256 and sha512 checksums instead of md5 and sha1
+
+** Bug
+    * [KNOX-720] - Knox DSL - Ensure that HTTP client is closed on shutdown
+    * [KNOX-1093] - KNOX Not Handling safemode state of one of the NameNode In HA state
+    * [KNOX-1098] - Livy proxyUser should be added when not present
+    * [KNOX-1152] - Guard Against Missing Subject in Identity Assertion (Rick Kellogg via Kevin Risden)
+    * [KNOX-1165] - Another unnamed CacheManager already exists in the same VM
+    * [KNOX-1207] - YARN V1 UI and MapReduce Job History UI - Rewrite rule bugs
+    * [KNOX-1218] - LDAP Group Lookup appears twice in User Guide TOC
+    * [KNOX-1221] - WebHDFS read/write performance limitations
+    * [KNOX-1222] - Discovery API requests fail against Docker Sandbox
+    * [KNOX-1247] - Knox Cloud Federation
+    * [KNOX-1337] - Cleanup AbstractGatewayDispatch
+    * [KNOX-1405] - Download page must link to KEYS and contain verification details
+    * [KNOX-1412] - Failure while executing a `curl` command using Content-Type: text/xml" "Content-Encoding: gzip"
+    * [KNOX-1415] - Upgrade Jetty to 9.2.25
+    * [KNOX-1416] - Upgrade Spring Framework to 4.3.17
+    * [KNOX-1417] - Upgrade Bouncy Castle Dependency from Pac4J
+    * [KNOX-1420] - Add app.css path for Zeppelin's style sheet (Prabhjyot Singh via Sandeep More)
+    * [KNOX-1422] - Whitelisting not working as expected for knoxauth redirects
+    * [KNOX-1424] - knox renaming "app" to "/gateway/ui_ns1/zeppelin/app" (Sameer Shaikh via Sandeep More)
+    * [KNOX-1429] - HadoopAuthFilter avoid logging sensitive values
+    * [KNOX-1430] - Potential output stream handle leak when copyLarge files in streamResponse (Guang Yang via lmccay)
+    * [KNOX-1433] - RMHaBaseDispatcher Class Cleanup - SafeModeException
+    * [KNOX-1434] - Visiting Knox Admin UI forces subsequent requests to other services redirect to HTTPS (Vipin Rathor via Sandeep More)
+    * [KNOX-1436] - AbstractHdfsHaDispatch failoverRequest - Improve Failover Logging
+    * [KNOX-1445] - Ensure that gateway-adapter module classes have @Deprecated annotation
+    * [KNOX-1459] - Remove testng assertions
+    * [KNOX-1505] - Knox should close CuratorFramework clients when finished
+    * [KNOX-1519] - Fix 404s in the documentation
+    * [KNOX-1520] - markbook refers to wrong parent-pom version
+    * [KNOX-1523] - XML parsing cleanup
+    * [KNOX-1526] - Upgrade Jetty to 9.2.26
+    * [KNOX-1529] - gateway-shell-release doesn't include shaded jar
+    * [KNOX-1541] - Rename Hadoop class in KnoxShell to KnoxSession
+    * [KNOX-1556] - [Rewrite Rule] Apache Ambari Favicon and link to NOTICE.txt does not work when using Knox Gateway
+    * [KNOX-1557] - Knox service cannot be added to proxied Ambari (through Knox) because master password field is readonly
+    * [KNOX-1558] - KnoxToken service returns wrong content type and content length values
+    * [KNOX-1577] - Knox automatically derived dispatch whitelist doesn't seem to actually match the knox domain (Phil Zampino and Vipin Rathor via Kevin Risden)
+    * [KNOX-1596] - YARNUIV2 Remove policies from service.xml (Sunil Govindan via Kevin Risden)
+    * [KNOX-1602] - JsonFilterReader should handle strings, numbers, booleans, and null at root
+    * [KNOX-1612] - GatewayAdminTopologyFuncTest#testPutTopology ClassNotFoundException
+    * [KNOX-1616] - Fix portmapping with Jetty 9.4
+    * [KNOX-1639] - java.lang.IllegalStateException: No org.apache.tomcat.InstanceManager set in ServletContext
+    * [KNOX-1645] - Improve JSESSIONID handling
+    * [KNOX-1651] - Cleanup IdentityAsserterMessages interfaces
+
+** Sub-task
+    * [KNOX-1449] - Ensure all pom.xml files have same header
+    * [KNOX-1450] - Remove redundant configurations from pom.xml
+    * [KNOX-1451] - Setup base checkstyle plugin
+    * [KNOX-1452] - Enable checkstyle no tabs in source file rule
+    * [KNOX-1453] - Enable checkstyle no unused imports rule
+    * [KNOX-1454] - Enable checkstyle no wildcard imports rule
+    * [KNOX-1455] - Enable checkstyle ASF header check rule
+    * [KNOX-1456] - Move dependency versions to top level pom properties
+    * [KNOX-1457] - Add mailing lists to top level pom
+    * [KNOX-1463] - Use maven-dependency-plugin to ensure all dependencies are declared
+    * [KNOX-1470] - Remove surefire-version and failsafe-version properties
+    * [KNOX-1471] - Remove unused genson dependency
+    * [KNOX-1472] - Remove explicit surefire plugin block in child poms
+    * [KNOX-1473] - Remove plugin versions that are from parent ASF pom
+    * [KNOX-1480] - Remove cobertura-maven-plugin
+    * [KNOX-1481] - Remove javancss-maven-plugin
+    * [KNOX-1482] - Migrate to maven-site-plugin reportSets
+    * [KNOX-1485] - Upgrade bcprov-jdk15on to 1.60
+    * [KNOX-1486] - Upgrade commons-lang3 to 3.8.1
+    * [KNOX-1487] - Upgrade easymock to 3.6
+    * [KNOX-1488] - Upgrade curator to 4.0.1
+    * [KNOX-1489] - Upgrade jericho-html to 3.4
+    * [KNOX-1490] - Upgrade buildnumber-maven-plugin to 1.4
+    * [KNOX-1491] - Upgrade jline to 2.14.6
+    * [KNOX-1492] - Upgrade jna to 4.5.2
+    * [KNOX-1493] - Upgrade joda-time to 2.10
+    * [KNOX-1494] - Upgrade groovy to 2.5.2
+    * [KNOX-1495] - Upgrade httpclient to 4.5.6 and httpcore to 4.4.10
+    * [KNOX-1496] - Upgrade maven-bundle-plugin to 4.0.0
+    * [KNOX-1497] - Upgrade jansi to 1.17.1
+    * [KNOX-1498] - Upgrade maven-enforcer-plugin to 3.0.0-M2
+    * [KNOX-1499] - Upgrade cors-filter to 2.6
+    * [KNOX-1500] - Upgrade rest-assured to 3.1.1
+    * [KNOX-1503] - Upgrade slf4j to 1.7.25
+    * [KNOX-1504] - Upgrade eclipselink to 2.7.3
+    * [KNOX-1506] - Upgrade protobuf-java to 3.6.1
+    * [KNOX-1507] - Upgrade okhttp to 2.7.5
+    * [KNOX-1508] - Upgrade taglibs-standard-spec and taglibs-standard-impl to 1.2.5
+    * [KNOX-1509] - Upgrade pac4j dependencies
+    * [KNOX-1510] - Upgrade nimbus-jose-jwt to 6.0.2
+    * [KNOX-1513] - Upgrade spring-core to 5.0.9.RELEASE
+    * [KNOX-1514] - Upgrade jackson to 2.9.7
+    * [KNOX-1515] - Upgrade shiro to 1.4.0 and ehcache to 2.6.11
+    * [KNOX-1531] - Remove gzip handler added by KNOX-732
+    * [KNOX-1532] - Only decompress/recompress when there are rewrite rules
+    * [KNOX-1533] - Disable httpclient transparent content decompression
+    * [KNOX-1534] - Avoid try/catch checking for gzip stream
+    * [KNOX-1535] - Remove custom gzip helper stream - use commons-compress
+    * [KNOX-1578] - JobHistory UI - Broken "ResourceManager" and "NodeManager" links
+    * [KNOX-1580] - YARN v1 UI - Scheduler - "Dump scheduler logs" link broken
+    * [KNOX-1581] - YARN v1 UI - Application - Node and logs links broken
+    * [KNOX-1587] - YARN v1 UI - Fix Spark history links
+
+** Test
+    * [KNOX-1548] - Improve ZooKeeperConfigurationMonitorTest to not use Thread.sleep()
+
+** Wish
+    * [KNOX-1435] - how to configure rewrite.xml and service.xml?
+
+** Task
+    * [KNOX-542] - Add replayBufferSize defaults to the sandbox topology (Matthew Sharp via Kevin Risden)
+    * [KNOX-543] - Add documentation and configuration examples to the user guide for replaybuffersize
+    * [KNOX-1402] - Upgrade to Apache parent pom version 20
+    * [KNOX-1407] - Please delete old releases from mirroring system
+    * [KNOX-1408] - Remove the Roadmap confluence wiki page
+    * [KNOX-1524] - Hive "select *" performance evaluation
+    * [KNOX-1525] - HBase "scan" performance evaluation
+    * [KNOX-1536] - Replace redundant types with the diamond operator
+    * [KNOX-1539] - Put the array declaration after the type
+    * [KNOX-1542] - Upgrade to EasyMock 4.0.1
+    * [KNOX-1543] - Update documentation for KNOX-1531
+    * [KNOX-1622] - Enable the secure processing feature on all XPathFactory instances
+    * [KNOX-1637] - ant verify-stage should check knoxshell artifacts
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.1.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-1040] - Initial new descriptor and provider config wizard support
+    * [KNOX-1040] - Accommodate omission of cluster user in descriptor discovery config
+    * [KNOX-1040] - Implemented the ability to add config elements to provider configurations and descriptors.
+    * [KNOX-1040] - Added modification support: delete, discard changes, save changes
+    * [KNOX-1040] - Separated the provider config selection modal into its own component.
+    * [KNOX-1040] - Added visual indicator that a provider config has not been removed because it is referenced, and improved editable fields
+    * [KNOX-1040] - Initial changes to support simple descriptors and provider configurations in the Admin UI.
+
+** Improvement
+    * [KNOX-1395] - Change Derived Whitelist logic to not use InetAddress of Localhost for getting Hostname
+    * [KNOX-1394] - OOTB gateway-site.xml to Default to Demo Whitelist Scenario
+    * [KNOX-1381] - Fix logging
+    * [KNOX-1378] - Declare SSO params using KnoxSSO service option  knoxsso.expected.params
+    * [KNOX-1379] - Default dispatch whitelist should not include localhost when the Knox host domain can be determined
+    * [KNOX-1363] - Support service role-based whitelist for dispatches and redirects
+    * [KNOX-1357] - Add configurable list of AutoDeploy topologies to deploy on server start
+    * [KNOX-1350] - Complete centralization of manager.xml topology config in gateway-site.xml
+    * [KNOX-1339] - (KIP-11 Federation)  Add support for header preauth dispatch
+    * [KNOX-1350] - Centralize Group Lookup Config in gateway-site.xml
+    * [KNOX-1338] - Add Config Property for Knox Admin Groups for AclsAuthz Provider Use
+    * [KNOX-1326] - merge DATANODE rewrite rules into HDFSUI
+    * [KNOX-1336] - Upgrade libpam4j to abstractj/1.9.1
+    * [KNOX-1315] - Spark UI urls issue: Jobs, stdout/stderr and threadDump links (Guang Yang via lmccay)
+    * [KNOX-1143] - Add MR job history ws rest api rewrite rule to jobhistoryui (Guang Yang via lmccay)
+    * [KNOX-1089] - Upgrade Jetty
+    * [KNOX-1329] - Upgrade the transitive springframework spring core to even newer version
+    * [KNOX-1290] - Create gateway definition for Log Search - version 0.5.0 (Olivér Szabó via lmccay)
+    * [KNOX-1329] - Upgrade the transitive springframework spring core from pac4j
+    * [KNOX-1328] - Change Default Authentication to KnoxSSO for Admin UI
+    * [KNOX-1320] - Upgrade JQuery in the KnoxAuth Application
+    * [KNOX-1327] - Log REST invocation error exceptions encountered during service discovery at ERROR level
+    * [KNOX-1322] - Support configuration property to forcibly treat topologies as read-only
+    * [KNOX-1314] - SSOCookieProvider should be able to derive a default provider URL
+    * [KNOX-1319] - Better logging when discovery fails to access service configurations
+    * [KNOX-1318] - Update available Admin UI services to include NiFi
+    * [KNOX-1317] - Ambari service discovery config handling of nested derived properties
+    * [KNOX-1193] - NiFi service discovery support
+    * [KNOX-1154] - Dump Kerberos settings upon startup. (Rick Kellogg via Phil Zampino)
+    * [KNOX-1310] - The X-Content-Type-Options header should be set as 'nosniff'
+    * [KNOX-1309] - Admin API resource names should be validated
+    * [KNOX-1308] - Implement safeguards against XML entity injection/expansion in the Admin API
+    * [KNOX-1227] - Add KnoxSSO and KnoxToken services to the new descriptor service options
+    * [KNOX-1266] - Employ gateway-site config for default discovery address and cluster values
+    * [KNOX-1275] - Add json-smart explicitly to gateway-spi (Saravanan Krishnamoorthy via lmccay)
+    * [KNOX-1306] - Remove requirement for cluster when discovery address is specified in admin UI new descriptor wizard.
+    * [KNOX-1193] - LOGSEARCH discovery support
+    * [KNOX-1305] - Add postfix and infix rewrite functions
+    * [KNOX-1236] - Support service discovery for YARNUIV2
+    * [KNOX-1202] - Validate resource names
+    * [KNOX-1300] - Add default provider configuration for demo LDAP to the distribution
+    * [KNOX-1193] - Add service discovery support for Spark Thrift UI
+    * [KNOX-1293] - Support for Ambari discovery of SPARK2 services
+    * [KNOX-1294] - Upgrade Jackson-Databind to 2.9.5
+    * [KNOX-1292] - Upgrade Groovy to 2.4.8
+    * [KNOX-1289] - Deletion of generated topology deletes associated descriptor file
+    * [KNOX-1135] - Add configuration property for allowing remote configuration to be read by unauthenticated clients
+    * [KNOX-1281] - HA provider configuration wizard should require the service name property value
+    * [KNOX-1279] - HaProvider wizard should include ability to specify ZooKeeper-related properties
+    * [KNOX-1257] - WebAppSec provider configuration wizard
+    * [KNOX-1276] - Improve HA provider configuration wizard
+    * [KNOX-1269] - Generate services declared in descriptor without URLs or params, but with valid HaProvider ZK config
+    * [KNOX-1267] - Add support for Ranger-related service discovery with HTTPS configurations
+    * [KNOX-1268] - Add support for HDFS-related service discovery with HTTPS configurations
+    * [KNOX-1258] - Add Anonymous authentication provider to provider config wizard options.
+    * [KNOX-1259] - Removed height restriction on resource type and resource list tables
+    * [KNOX-1263] - Admin UI provider config details should organize providers by role rather than name
+    * [KNOX-1187] - Support for Distributed Alias Service
+    * [KNOX-1182] - Removed lingering configuration, which is no longer used for RM-based services
+    * [KNOX-1233] - Excluded lang-tag from the pac4j-oidc dependency
+    * [KNOX-1243] - Normalize the required DNs that are Configured in KnoxToken Service
+    * [KNOX-1220] - HostMap provider configuration wizard option in Admin UI
+    * [KNOX-1212] - Support new YARN webui2 in Knox (Sunil Govindan via Phil Zampino)
+    * [KNOX-1153] - Support for determining whether HA is enabled or not from the service's configuration
+    * [KNOX-1215] - Hadoop Group Lookup Provider Config Wizard
+    * [KNOX-1229] - Ambari service discovery REST invocations need reasonable timeout
+    * [KNOX-1228] - Atlas HA ZooKeeper Config Discovery
+    * [KNOX-1224] - Knox Proxy HADispatcher to support Atlas in HA (Nixon Rodrigues via Phil Zampino)
+    * [KNOX-1219] - Eliminated duplicate useTwoWaySsl dispatch filter params
+    * [KNOX-1216] - Admin UI and runtime validation for new descriptor provider configuration reference
+    * [KNOX-1211] - Admin UI XSS/XSRF Protection
+    * [KNOX-1202] - Added UI elements to indicate invalid param values
+    * [KNOX-1202] - Descriptor and Provider Configuration Wizard Input Validation
+    * [KNOX-1190] - Compress cookies set by Pac4J, in some cases the cookie size exceeds 4K and cause them not to set.
+    * [KNOX-1200] - Update Apache parent pom version
+    * [KNOX-1193] - Discovery support for SOLR, STORM and STORM-LOGVIEWER, and config for additional support
+    * [KNOX-1198] - Support Ambari service discovery mappings override/augmentation with external config
+    * [KNOX-1193] - Added discovery support for LIVYSERVER, SPARKHISTORYUI, JOBHISTORYUI, YARNUI, FALCON, OOZIEUI, HBASEUI, HDFSUI, DRUID-COORDINATOR-UI and DRUID-OVERLORD-UI
+    * [KNOX-1194] - Safe loading and dumping of yaml, and filter empty-value properties from JSON output.
+    * [KNOX-1176] - Update provider configuration references if new reference is invalid
+    * [KNOX-1186] - Descriptors and Topology Generation Support for Service Versioning
+    * [KNOX-1167] - Support HDFS Federation in Knox topology generation
+    * [KNOX-1188] - Maintain provider parameter order in generated topologies
+    * [KNOX-1181] - Add support for RANGER and RANGERUI service endpoint discovery via Ambari
+    * [KNOX-1159] - Create ".sha1" files when releasing instead of ".sha"
+    * [KNOX-1040] - Added ability to edit provider params, service params, and provider URLs.
+    * [KNOX-1178] - Add test to ensure regex or support in RegexIdentityAssertionFilter
+    * [KNOX-1169] - Clear Cluster Configuration Monitor Cache When No Relevant Descriptors Remain
+    * [KNOX-1153] - Service-level overrides for HA provider configuration in generated topologies, and alternate provide config formats.
+
+** Bug
+    * [KNOX-1399] - Duplicate configuration for gateway.dispatch.whitelist in gateway-site.xml OOTB
+    * [KNOX-1398] - WebHDFS and WebHBase APIs listed incorrectly as services that need whitelist enforcement
+	  * [KNOX-1397] - Admin UI Topologies List needs to Refresh on New or Deleted Topologies
+	  * [KNOX-1396] - Admin UI Provider Config wizard URL validation requires a port
+    * [KNOX-1360] - Fix ambari broken images (Aleksandr Kovalenko via Sandeep More)
+    * [KNOX-1358] - Create new version definition for SHS (Marco Gaido via lmccay)
+    * [KNOX-1345] - Fix javadoc errors
+    * [KNOX-1353] - SHS always showing link to incomplete applications (Marco Gaido via lmccay)
+    * [KNOX-1356] - Fix X-Forwarded-Context header (Marco Gaido via Sandeep More)
+    * [KNOX-1352] - Service Discovery is not honoring the enabled attribute of HA Provider configuration
+    * [KNOX-1349] - Fix Knox versioning for service defs. (UnitTest to be followed in next commit)
+    * [KNOX-1348] - Provider Configuration Wizard HA Provider Validation for ZooKeeper Ensemble is Wrong
+    * [KNOX-1347] - X-Forwarded-Context header is not rewritten correctly
+    * [KNOX-1346] - SNI Mismatch Failures due to Wrong Host Header
+    * [KNOX-1344] - Atlas HA dispatch mishandling SSO redirection
+    * [KNOX-1342] - Prevent Host Header from being sent to Atlas
+    * [KNOX-1341] - Constrain cookies added to the HadoopAuthCookieStore
+    * [KNOX-1340] - HDFSUI proxy to a host specified in query string (Bharat Viswanadham via Sandeep More)
+    * [KNOX-1335] - Spark service discovery when SSL is configured
+    * [KNOX-1333] - Admin UI needs to handle SSO cookie expiration
+    * [KNOX-1149] - HBase High Availability Fails with Kerberos Secured Cluster
+    * [KNOX-1330] - Fix favicon for Zeppelin (Prabhjyot Singh via Sandeep More)
+    * [KNOX-1331] - Unable to update referenced (XML format) provider config from Admin UI
+    * [KNOX-1166] - Upgrade HTTPClient due to Hostname Verification Bug
+    * [KNOX-1326] - Fix the Datanode link on the Namenode page
+    * [KNOX-1314] - SSOCookieProvider derive a default provider URL with configured gateway.path and fix handling of X-FORWARDED-HOST with port in it.
+    * [KNOX-1324] - Remote Configuration Monitor should not log stacktrace when client is not configured
+    * [KNOX-1323] - Reconcile WebAppSecurity provider X-Frame-Options and X-Content-Type-Options param names
+    * [KNOX-1157] - Scoped rewrite rules are treated as global rules in some cases (Wei Han via Phil Zampino)
+    * [KNOX-1313] - Contributing provider config wizards incorrectly produce config when validation fails
+    * [KNOX-1310] - Handle custom param value for X-Content-Type-Options header
+    * [KNOX-1312] - Zeppelin-related discovery is incorrectly configured
+    * [KNOX-1311] - Ambari logos are not showing up in Ambari Web UI (Yusaku Sako via lmccay)
+    * [KNOX-1244] - YARNUIV2 fix HA support (Sunil Govind via Sandeep More)
+    * [KNOX-1274] - Update location headers to make sure SSO redirects are proper (Marco Gaido via Sandeep More)
+    * [KNOX-1295] - X-Forwarded-Context contains not the full base path in SHS request (Atilla Csoma and Marco Gaido via lmccay)
+    * [KNOX-1297] - HDFSUI requires its own HA Dispatch Provider
+    * [KNOX-1296] - Fix logging for remote alias service
+    * [KNOX-1114] - In case of port conflict log error and move on
+    * [KNOX-1287] - Invalid federated namenode namespace declaration should not produce invalid URLs in topologies.
+    * [KNOX-1288] - NPE during service discovery
+    * [KNOX-1249] - Fix rewrite issues with YarnUIV2 (Sunil Govind via Sandeep More)
+    * [KNOX-1283] - DefaultURLManager markFailed method throws NPE if urls is empty
+    * [KNOX-1277] - make sure HDFS UI is rendered correctly without a forward slash (Bharat Viswanadham  via Sandeep More)
+    * [KNOX-1282] - Update rewrite rules to reflect changes to content type (Bharat Viswanadham via Sandeep More)
+    * [KNOX-1264] - Fix job link under the jobHistoryUI (Sunil Govind via Sandeep)
+    * [KNOX-1278] - HaProvider wizard uses comma instead of semi-colon as delimiter
+    * [KNOX-1271] - AtlasZookeeperURLManager not handling empty namespace config values correctly
+    * [KNOX-1272] - ZEPPELINWS URLs are generated incorrectly
+    * [KNOX-1253] - TopologyService incorrectly reports failure to delete file that has been successfully deleted.
+    * [KNOX-1261] - Fix issue where listener is not decrypting the value before updating, fix  annoying error messages
+    * [KNOX-1254] - Make sure Remote Alias Registry prefers remote over local
+    * [KNOX-1256] - AclsAuthz provider wizard produces incorrect param
+    * [KNOX-1251] - Fix NPE in RemoteAliasService#stop()
+    * [KNOX-1246] - Update service config in Knox to support latest configurations for Ranger.(Vishal Suvagia via lmccay)
+    * [KNOX-1248] - AtlasZookeeperURLManager handle missing namespace property from Atlas config with appropriate default value
+    * [KNOX-1182] - For YARN HA, RESOURCEMANAGER service should have both active and standby endpoint URLs
+    * [KNOX-1242] - Fix rewrite rules for HDFS UI] - Datanode UI link
+    * [KNOX-1239] - HBaseZookeeperURLManager ignores configured ZooKeeper namespace
+    * [KNOX-1238] - Fix Custom Truststore Settings for Gateway
+    * [KNOX-1233] - Pac4j dependency causing intermittent compilation errors
+    * [KNOX-1230] - Many Concurrent Requests to Knox causes URL Mangling
+    * [KNOX-1231] - Atlas HA URL Manager must handle ZooKeeeper namespaces that begin with leading slash
+    * [KNOX-1223] - Fix redirect rules for Zeppelin /api/ticket (Prabhjyot Singh  via Sandeep More)
+    * [KNOX-1091] - Knox Audit Logging] - duplicate correlation ids (Kevin Risden via Sandeep More)
+    * [KNOX-1210] - Update response code from 403 to 401 for token validation failures (for XHR request)
+    * [KNOX-1210] - Fix token expiration for XHR request
+    * [KNOX-1217] - PAM auth provider configuration wizard should allow for specifying the login module/service
+    * [KNOX-1202] - Eliminate unintended persistence of UI-only provider configuration properties
+    * [KNOX-1208] - Fix WEBHBASE ZooKeeper ensemble discovery when proxying HA HBase
+    * [KNOX-1203] - Shiro-based provider configurations must be produced with correct param order from Admin UI
+    * [KNOX-1200] - Fixing maven assembly errors
+    * [KNOX-1201] - Disable DocTypes
+    * [KNOX-1195] - Some misc code cleanups
+    * [KNOX-1197] - Fix a bug where Anonymous auth is not picked up with federation provider
+    * [KNOX-1199] - fix missing ASL header
+    * [KNOX-1199] - Ambari View API for Tez View needs Double Quotes Encoded on Dispatch
+    * [KNOX-1192] - Make sure config variables such as defaultUrl get picked up
+    * [KNOX-1177] - Retighten the rewrite rule on oozieui to reduce false positives. Replace http with * in rule.
+    * [KNOX-1177] - Retighten the rewrite rule on oozieui to reduce false positives
+    * [KNOX-1108] - NiFiHaDispatch not failing over (Jeff Storck via lmccay)
+    * [KNOX-1040] - Fixed refresh after descriptor saving, and added editable discovery fields to descriptor detail view
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.0.0
+------------------------------------------------------------------------------
+** New Feature
+** Improvement
+    * [KNOX-998]  - Rename class packages to org.apache.knox.gateway
+    * [KNOX-1161] - Update hadoop dependencies to Hadoop 3 (Colm O hEigeartaigh, reviewed by Sandeep More)
+    * [KNOX-1043] - Ambari Service Discovery Support for HA-Enabled Services
+    * [KNOX-1144] - Establish provider configuration reference relationships for existing descriptors at gateway startup
+    * [KNOX-1137] - KnoxCLI For Listing Provider Configurations and Descriptors in a Remote Configuration Registry
+    * [KNOX-1145] - Upgrade Jackson due to CVE-2017-7525
+** Bug
+    * [KNOX-1151] - Need Explicit curator-recipes dependency in pom
+    * [KNOX-1141] - Coverity Issues Reported For AmbariConfigurationMonitor
+    * [KNOX-1116] - Builds of src distributions result in unexpected result from gateway version API.
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 0.14.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-1014] - Service Discovery and Topology Generation Framework (Phil Zampino via lmccay)
+    * [KNOX-1062] - Service-Level Parameter Support in Service Discovery and Topology Generation (Phil Zampino via lmccay)
+    * [KNOX-1077] - Knox should notice simple descriptors on startup (Phil Zampino via lmccay)
+    * [KNOX-1063] - Simple Descriptor discovery should notice YAML file with .yaml extension (Phil Zampino via lmccay)
+    * [KNOX-1105] - Provide indication that topologies were generated from simple descriptors (Phil Zampino via lmccay)
+    * [KNOX-1110] - Simple Descriptors Must Accommodate Application elements (Phil Zampino via lmccay)
+    * [KNOX-1039] - Added admin APIs for managing shared provider configurations and descriptors (Phil Zampino via Sandeep More)
+    * [KNOX-970] - Add NiFi HA dispatch to service def (Jeff Storck via lmccay)
+    * [KNOX-970] - Add support for proxying NiFi (Jeff Storck via lmccay)
+    * [KNOX-842] - Add support for Livy (Spark REST Service).
+    * [KNOX-1017] - Add support for enabling "Strict-Transport-Security" header in Knox responses (Latha Appanna via lmccay)
+    * [KNOX-1049] - Default Service or App Context for Topologies
+    * [KNOX-1041] - High Availability Support For Apache SOLR, HBase & Kafka (Rick Kellogg via Sandeep More)
+    * [KNOX-1046] - Add Client Cert Wanted Capability with Configurable Validation that Checks for It
+    * [KNOX-1072] - Add Client Cert Required Capability to KnoxToken
+    * [KNOX-1107] - Remote Configuration Registry Client Service (Phil Zampino via lmccay)
+    * [KNOX-1128] - Readonly protection for generated topologies in Knox Admin UI
+    * [KNOX-1013] - Monitor Ambari for Cluster Topology changes (Phil Zampino via lmccay)
+    * [KNOX-1136] - Provision Consistent Credentials For Generated Topologies (phil zampino via lmccay)
+    * [KNOX-1129] - Remote Configuration Monitor Should Define The Entries It Monitors If They're Not Yet Defined (Phil Zampino via lmccay)
+    * [KNOX-1125] - KNOXCLI Additions to Support Management of Knox config in remote registry (Phil Zampino via Sandeep More)
+** Improvement
+    * [KNOX-921] - Httpclient max connections are always set to default values
+    * [KNOX-1106] - Tighten the rewrite rule on oozieui to reduce false positives (Wei Han via Sandeep More)
+    * [KNOX-1104] - Test to verify behavior of HaProvider service with only a single URL ( Phil Zampino via Sandeep More)
+    * [KNOX-1034] - Make Default identity-assertion provider actually be the default
+    * [KNOX-1078] - Add option to preserve original string when lookup fails in regex based identity assertion provider (Wei Han via Sandeep More)
+    * [KNOX-1049] - add unit test to gatewayfiltertest
+    * [KNOX-1076] - Update nimbus-jose-jwt to 4.41.2
+    * [KNOX-1049] - check for null topology to avoid NPE in tests
+    * [KNOX-1088] - Remove LDAP BaseDirectoryService*
+    * [KNOX-1073] - Upgrade PAC4J to a more recent version
+    * [KNOX-1001] - Knox Shell Sqoop.Request class is Package Private (Andrei Viaryshka via lmccay)
+    * [KNOX-1021] - Should handle empty string for endpoint token service audience list
+    * [KNOX-1082] - Add support to validate the "nbf" claim for JWTs
+    * [KNOX-1067] - Support different signature algorithms for JWTs
+    * [KNOX-1045] - Knox Token Service has a trailing whitespace for the token_type attribute
+    * [KNOX-1081] - Remove Picketlink Provider Module
+    * [KNOX-895] - Pass Headers and Cookies to websocket backend
+    * [KNOX-1064] - Externalize Hadoop Service Configuration Details and Service URL Creation (Phil Zampino via Sandeep More)
+    * [KNOX-1070] - Drop support for Java 7 (Rick Kellogg via Sandeep More)
+    * [KNOX-1075 and KNOX-1070] - Enforce minimum maven and Java version (Rick Kellogg via Sandeep More)
+    * [KNOX-1048] - Knoxshell samples missing hadoop-examples.jar
+    * [KNOX-1069] - KnoxSSO token audience config should trim values
+    * [KNOX-1055] - Spark page characters & should be treated as a delimiter (Mars via Sandeep More)
+    * [KNOX-1074] - Workflow Manager view fails to load when using ambari through KNOX (Venkatasairam Lanka via lmccay)
+    * [KNOX-1071] - Replace java.util.Random with SecureRandom
+    * [KNOX-1014] - remove extraneous directory
+    * [KNOX-1065] - Add some unit tests for the DefaultTokenAuthorityService
+    * [KNOX-1060] - JWT.getExpires() returns null
+    * [KNOX-1058] - Fix JWTToken.parseToken
+    * [KNOX-1036] - Fix a number of issues relating to JWTokenAuthority
+    * [KNOX-1054] - Make DefaultURLManager thread-safe (Phil Zampino via Sandeep More)
+    * [KNOX-1052] - Add some tests for the Knox SSO Service
+    * [KNOX-1049] - Default Service or App Context for Topologies
+    * [KNOX-1042] - Fix test timeout (Phil Zampino via Sandeep More)
+    * [KNOX-1047] - Add some tests for the Knox Token Service
+    * [KNOX-1044] - Change Rest Assured "expect" to "then"
+    * [KNOX-1038] - Replace deprecated rest-assured "content" call with "body"
+    * [KNOX-1037] - Upgrade rest-assured dependency
+    * [KNOX-1035] - Move JWTTokenTest to gateway-spi module + add more tests
+    * [KNOX-1027] - Add support to configure the issuer for the JWT filters
+    * [KNOX-1028] - X-Frame-Options and other security headers are ineffective
+    * [KNOX-962] - Add signature validation tests for the JWT filters
+    * [KNOX-1024] - Add Kafka test to GatewayBasicFuncTest
+    * [KNOX-1020] - Minor code improvements
+    * [KNOX-1019] - Remove test-driver "hack" to copy services
+    * [KNOX-1018] - Remove junit.framework calls
+    * [KNOX-738] - Remove references to deprecated httpclient class DefaultHttpClient
+    * [KNOX-963] - Use GatewayTestDriver to configure LDAP in gateway-tests
+    * [KNOX-978] - Add a test for the SOLR REST API
+    * [KNOX-989] - Report metrics at service level (/webhdfs/v1) instead of url with args (/webhdfs/v1/?op=LISTSTATUS) (Mohammad Kamrul Islam via Sandeep More)
+    * [KNOX-993] - The samples README for knoxshell references the 0.5.0 userguide
+    * [KNOX-992] - Add README for the knoxshell distribution (Colm O hEigeartaigh and lmccay via lmccay)
+    * [KNOX-1119] - Pac4J OAuth/OpenID Principal Needs to be Configurable (Andreas Hildebrandt via lmccay)
+    * [KNOX-1120] - Pac4J Stop Using ConfigSingleton
+    * [KNOX-1128] - Readonly protection for generated topologies in Knox Admin UI
+    * [KNOX-1083] - HttpClient default timeout will be 20 sec
+    * [KNOX-1124] - Service Discovery Doesn't Work For Simple Descriptors With .yaml Extension (Phil Zampino  via Sandeep More)
+    * [KNOX-1117] - HostMap Provider configuration comment in topologies included with Knox has typos (Phil Zampino via Sandeep More)
+    * [KNOX-1119] - Add missing tests for valid and invalid id attributes
+    * [KNOX-1128] - Readonly protection for generated topologies in Knox Admin UI
+** Bug
+    * [KNOX-1003] - Fix the rewrite rules for Zeppelin 0.7.2 UI
+    * [KNOX-1004] - Failing (flaky) Knox unit tests
+    * [KNOX-1005] - WebHbase get rid of extra decoding
+    * [KNOX-1061] - KnoxSSO Redirects with Query Params in the OriginalUrl Broken
+    * [KNOX-1068] - Add support for HTTP Head request
+    * [KNOX-1079] - Regression: proxy for Atlas fails with j_spring_security_check during login (Madhan Neethiraj via lmccay)
+    * [KNOX-1022] - Configuring knox token ttl to higher value generates an access token which is not valid
+    * [KNOX-1118] - Remove POC Service Definition for AmbariUI
+    * [KNOX-1134] - Regression due to KNOX-1119
+    * [KNOX-1132] - Address Coverity Defects in gateway-service-remoteconfig (Phil Zampino via lmccay)
+    * [KNOX-1139] - Fix threapool size for UnitTests (Attila Csoma via Sandeep More)
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 0.13.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-976] - Add Jupyter Kernel Gateway Service Definitions (Jesus Alvarez via lmccay)
+    * [KNOX-626] - NameNode UI through Knox has various tabs not working
+    * [KNOX-975] - Add NodeManager Service Definition
+    * [KNOX-982] - Datanode JMX REST Knox service
+    * [KNOX-974] - Update HDFS UI services
+    * [KNOX-973] - Update Yarn UI services
+    * [KNOX-786] - Spark Thriftserver UI support through Knox (Chandana Mirashi via lmccay)
+    * [KNOX-981] - Make Topology Instance Available in WebContext for Runtime Access
+    * [KNOX-788] - Apache Atlas Admin UI Support through Knox (Nixon Rodrigues via Sandeep More)
+    * [KNOX-789] - Apache Atlas REST API support (Nixon Rodrigues via Sandeep More)
+    * [KNOX-940] - Support REST access exposing metrics (Mohammad Kamrul Islam via Sandeep More)
+    * [KNOX-932] - Option to remove the server-name from HTTP-header response (Lawrence McCay IV via lmccay)
+    * [KNOX-768] - Apache Kafka REST API Support (Rick Kellogg via Sandeep More)
+    * [KNOX-751] - Need rewrite function to capture href information from single page host to rewrite output of node hosts (Jeffrey E Rodriguez via lmccay)
+    * [KNOX-928] - Support Default Topology Feature and some misc fixes
+    * [KNOX-928] - Topology Port Mapping Feature
+    * [KNOX-938] - JWTProvider to accept Query Param as well as Bearer Token
+    * [KNOX-390] - extended to include proxy provided headers such as X-Forwarded-For
+    * [KNOX-390] - Include client IP and HTTP verb in audit log
+** Improvement
+    * [KNOX-909] - Ambari rewrite update for SmartSense
+    * [KNOX-910] - Move from SHA-1 to SHA-256 (Jeffrey E Rodriguez via Sandeep More)
+    * [KNOX-917] - Fix Pig view in Ambari (Gaurav Nagar via Sandeep More)
+    * [KNOX-920] - Make avatica service use default policies
+    * [KNOX-923] - Add ClientData to KnoxToken Service to Include in JSON Response
+    * [KNOX-911] - Ability to scope cookies to a given Path (Attila Kanto via lmccay)
+    * [KNOX-892] - Fix FindBugs "Dodgy Code" issues (Colm O hEigeartaigh via lmccay)
+    * [KNOX-816] - Make private inner classes static (Colm O hEigeartaigh via lmccay)
+    * [KNOX-849] - Fix SimplePrincipalMapper and CommonIdentityAssertionFilter
+    * [KNOX-930] - ScopingCookies Feature Logging too Much
+    * [KNOX-939] - Missing Licenses Element in POM files
+    * [KNOX-937] - Remove redundant type information from Collections (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-944] - Make PBE Hashing, Iteration Count and Salt Configurable and Manageable
+    * [KNOX-942] - Remove extraneous spaces around '=' (Colm O hEigeartaigh via lmccay)
+    * [KNOX-948] - Refactor AbstractJWTFilter implementations (Colm O hEigeartaigh via lmccay)
+    * [KNOX-928] - minor fix for templating of ConcurrentHashMap usage
+    * [KNOX-952] - Add common tests for the two JWT filters (Colm O hEigeartaigh via lmccay)
+    * [KNOX-946] - Spelling (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-954] - Properly handle parsing errors for JWT tokens
+    * [KNOX-956] - Consolidate ldif files in gateway-tests  (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-957] - Remove hard-coded versions from gateway-test-release (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-947] - SSOCookieProvider to be configurable for signature verification key/PEM
+    * [KNOX-958] - Consolidate test config/drivers (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-759] - jansi dependency causes issues starting knox shell (Colm O hEigeartaigh via lmccay)
+    * [KNOX-964] - upgrade to httpclient 4.5.3 to avoid licensing issues HTTPCLIENT-1743/LEGAL-240 (Jeffrey E Rodriguez via lmccay)
+    * [KNOX-965] - SecureQueryDecryptProcessor decode call could return null thus it would get a NPE (Jeffrey E Rodriguez via lmccay)
+    * [KNOX-967] - Duplicate dependencies defined in root pom (Colm O hEigeartaigh via lmccay )
+    * [KNOX-776] - Rewrite rule handling for Websockets (Jesus Alvarez via Sandeep More)
+    * [KNOX-977] - Exclude extraneous bundle.map in admin-ui file from release
+    * [KNOX-789] - Add specific policy definition to Atlas (Nixon Rodrigues via lmccay)
+    * [KNOX-972] - Update Hbase UI service (Jeffrey E Rodriguez via lmccay)
+    * [KNOX-986] - JMX Metric Reporter and OutOfMemory Issues (Zsombor Gegesy via Sandeep More)
+** Bug
+    * [KNOX-908] - Update copyright in NOTICE file
+    * [KNOX-918] - Static Member for redirectToUrl in Shiro RedirectToFilter
+    * [KNOX-913] - Invalid login.jsp redirect for Ranger Admin UI
+    * [KNOX-936] - On websocket error properly close all the sessions and containers.
+    * [KNOX-933] - PicketLink Provider must set Secure and HTTPOnly flags on Cookie (Krishna Pandey via lmccay)
+    * [KNOX-950] - Fix a bug that prevents wss:// protocol from connection to websocket backend.
+    * [KNOX-960] - Fix build failures
+    * [KNOX-966] - NPE when Shiro is misconfigured (Rob Vesse via lmccay)
+    * [KNOX-754] - Revert KNOX-754 scope change to just the Location header"
+    * [KNOX-690] - Revert KNOX-690 fixing the encoding/decoding in the parser and template
+    * [KNOX-949] - WeBHDFS proxy replaces %20 encoded spaces in URL with + encoding
+    * [KNOX-995] - KnoxSSO Form IDP Issue with Firefox
+    * [KNOX-992] - Add README for the knoxshell distribution (Colm O hEigeartaigh and lmccay via lmccay)
+    * [KNOX-993] - The samples README for knoxshell references the 0.5.0 userguide
+    * [KNOX-994] - Introducing a new variable that enhances the function, needed for Zeppelin / fix
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 0.12.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-841] - Proxy support for Solr UI and API
+    * [KNOX-719] - YARN RM HA implementation for REST API and UI (Jeffrey E Rodriguez and Sumit Gupta)
+    * [KNOX-848] - Support for Gremlin Server REST (Shi Wang via Sumit Gupta)
+    * [KNOX-861] - Support for pluggable validator for Header pre authentication provider (Mohammad Kamrul Islam via Sandeep More)
+    * [KNOX-850] - KnoxToken API for Acquiring a Knox Access Token
+    * [KNOX-710] - Support Zeppelin UI through Knox
+    * [KNOX-865] - Added a release module for KnoxShell
+    * [KNOX-881] - Add KnoxSh init, list and destroy to knoxshell.sh
+** Improvement
+    * [KNOX-841] - Changed version number for Solr proxy support
+    * [KNOX-890] - Make IdleTimeout Configurable in Knox Gateway Server (make default 5 mins)
+    * [KNOX-890] - Make IdleTimeout Configurable in Knox Gateway Server
+    * [KNOX-845] - refactoring for the release tests
+    * [KNOX-868] - Add /ext/native to java.library.path in gateway.sh (Mohammad Kamrul Islam via Sandeep More)
+    * [KNOX-869] - Support for multiple pre-auth validaors (Mohammad Kamrul Islam via Sandeep More)
+    * [KNOX-839] - new ant tasks to help with admin-ui development
+    * [KNOX-873] - JWTFederationFilter must Validate Expected Audiences
+    * [KNOX-874] - Updated hadoop dependency in root pom
+    * [KNOX-864] - Making gateway and ldap scripts upstart compatible (Attila Kanto via Sumit Gupta)
+    * [KNOX-854] - Consolidate DocumentBuilderFactory calls + enable SECURE_PROCESSING (Colm O hEigeartaigh via Sumit Gupta)
+    * [KNOX-828] - Adding truncate for HBase table in KnoxShell (Vincent Devillers via Sumit Gupta)
+    * [KNOX-845] - Added webhdfs groovy shell tests using MiniDFSCluster
+    * [KNOX-806] - Implement Closeable for deallocable resources (Vincent Devillers via Sumit Gupta)
+    * [KNOX-805] - ability to define custom HttpClient (Vincent Devillers via Sumit Gupta)
+    * [KNOX-809] - Enhance the 'put' in HFDS for ClientDSL (Vincent Devillers via Sumit Gupta)
+    * [KNOX-810] - Add status in HDFS for ClientDSL (Vincent Devillers via Sumit Gupta)
+    * [KNOX-813] - Added rename in HDFS for ClientDSL (Vincent Devillers/Khanh Maudoux via Sumit Gupta)
+    * [KNOX-858] - Simplifying Hamcrest dependencies (Colm O hEigeartaigh via Sumit Gupta)
+** Bug
+    * [KNOX-876] - Fix FindBugs "Experimental" issues (Colm O hEigeartaigh via lmccay)
+    * [KNOX-883] - Fix FindBugs "Correctness" issues (Colm O hEigeartaigh via lmccay)
+    * [KNOX-730] - pac4jRequestedUrl = null after saml2 assertion is parsed
+    * [KNOX-879] - Fix url encoding issue for KnoxSSO
+    * [KNOX-875] - Added version element to topology schema (Jeffrey E Rodriguez via Sandeep More)
+    * [KNOX-866] - Fix validate-topology cli command (Richard Ding via Sandeep More)
+    * [KNOX-863] - Consolidate TransformerFactory calls + enable (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-877] - Coverity Scan Cleanup
+    * [KNOX-871] - Fix FindBugs -  Malicious code vulnerability (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-769] - Fix SecureClusterTest for Java 1.7
+    * [KNOX-867] - Fix FindBugs, bad practice issues (Colm O hEigeartaigh via Sandeep More)
+    * [KNOX-838] - Admin UI title change
+    * [KNOX-820] - Changed the originalUrl parsing so that multiple query params get included
+    * [KNOX-859] - Added rule for app.*.js, extensions, jax, and components (Prabhjyot Singh via Sandeep More)
+    * [KNOX-855] - Add application/x-javascript mime type to the list of compressed resources and make it configurable
+    * [KNOX-836] - Fix for websocket termination based on message size (Sandeep More via Sumit Gupta)
+    * [KNOX-903] - KnoxShell allows self signed certs to be used without any checks
+    * [KNOX-900] - In the WebsocketMultipleConnectionTest before sending data check whether the socket is active
+    * [KNOX-897] - X-Forwarded-Port incorrectly defaults to the one configured for Knox if standard ports (80 and 443) are used (Attila Kanto via Sandeep More)
+	  * [KNOX-901] - Finding free ports for namenode
+	  * [KNOX-902] - Fix the hardcoded knoxsso topology name (Attila Kanto via Sandeep More)
+	  * [KNOX-904] - Reverting back httpclient to 4.5.1 due to bug in 4.5.2
+    * [KNOX-905] - added httpclient properties to knoxshell log4j properties file
+	  * [KNOX-906] - Log WARN of Removed Impersonation Params
+    * [KNOX-907] - Ambari Hive 2.0 view fix
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 0.11.0
+------------------------------------------------------------------------------
+** New Feature
+    * [KNOX-643] - Initial metrics api and implementation
+    * [KNOX-237] - Hadoop Group Mapping as a Knox Provider (Sandeep More via lmccay)
+    * [KNOX-817] - Gateway service definition for Avatica (Josh Elser via lmccay)
+    * [KNOX-528] - Support for Apache SOLR REST APIs (Kevin Risden, John McParland via lmccay)
+    * [KNOX-758] - Druid services (Nishant Bangarwa via Sumit Gupta)
+    * [KNOX-749] - Initial admin UI source project and productized distribution
+** Improvement
+    * [KNOX-744] - Logout for KnoxSSO WebSSO API
+    * [KNOX-795] - Make KnoxSSO Cookie Name Configurable
+    * [KNOX-763] - Added rewrite filter apply capability to text values in html content
+** Bug
+    * [KNOX-779] - Exclude older org.codehaus.jackson dependencies from build cycle

[... 662 lines stripped ...]