Release Notes
Also available as:
PDF

Knox

This release provides Knox 0.12.0 and the following Apache patches:

  • KNOX-1076: Update nimbus-jose-jwt to 4.41.2.

  • KNOX-1083: HttpClient default timeout will be 20 sec.

  • KNOX-1108: NiFiHaDispatch not failing over.

  • KNOX-1119: Pac4J OAuth/OpenID Principal Needs to be Configurable (Andreas Hildebrandt via lmccay).

  • KNOX-1145: Upgrade Jackson due to CVE-2017-7525.

  • KNOX-1190: Compress cookies set by Pac4J, in some cases the cookie size exceeds 4K and cause them not to set.

  • KNOX-1197: Fix a bug where Anonymous auth is not picked up with federation provider.

  • KNOX-1199: Ambari View API for Tez View needs Double Quotes Encoded on Dispatch.

HDP 2.6.4 provided Knox 0.12.0 with no additional Apache patches.

HDP 2.6.3 provided Knox 0.12.0 with no additional Apache patches.

HDP 2.6.2 provides Knox 0.12.0 and the following Apache patches:

  • KNOX-390: fix of backport merge issue.

  • KNOX-390: Include client IP and HTTP verb in audit log.

  • KNOX-626: NameNode UI through Knox has various tabs not working.

  • KNOX-751: Need rewrite function to capture href information from single page host to rewrite output of node hosts.

  • KNOX-776: Rewrite rule handling for Websockets.

  • KNOX-786: Spark Thriftserver UI support through Knox.

  • KNOX-841: Changed version number for Solr proxy support.

  • KNOX-890: Make IdleTimeout Configurable in Knox Gateway Server (make default 5 mins).

  • KNOX-897: X-Forwarded-Port incorrectly defaults to the one configured for Knox if standard ports (80 and 443) are used (Attila Kanto via Sandeep More).

  • KNOX-900: In the WebsocketMultipleConnectionTest before sending data check whether the socket is active.

  • KNOX-902: Fix the hardcoded knoxsso topology name.

  • KNOX-903: KnoxShell allows self signed certs to be used without any checks.

  • KNOX-904: Reverting back httpclient to 4.5.1 due to bug in 4.5.2.

  • KNOX-906: Log WARN of Removed Impersonation Params.

  • KNOX-909: Ambari rewrite update for SmartSense.

  • KNOX-911: Ability to scope cookies to a given Path.

  • KNOX-913: Invalid login.jsp redirect for Ranger Admin UI.

  • KNOX-917: Fix Pig view in Ambari.

  • KNOX-920: Make avatica service use default policies.

  • KNOX-923: Add ClientData to KnoxToken Service to Include in JSON Response.

  • KNOX-928: Topology Port Mapping Feature.

  • KNOX-932: Option to remove the server-name from HTTP-header response.

  • KNOX-936: On websocket error properly close all the sessions and containers..

  • KNOX-938: JWTProvider to accept Query Param as well as Bearer Token.

  • KNOX-944: Make PBE Hashing, Iteration Count and Salt Configurable and Manageable.

  • KNOX-947: SSOCookieProvider to be configurable for signature verification key/PEM.

  • KNOX-947: SSOCookieProvider to be configurable for signature verification key/PEM.

  • KNOX-948: Refactor AbstractJWTFilter implementations.

  • KNOX-948: Refactor AbstractJWTFilter implementations.

  • KNOX-949: WeBHDFS proxy replaces %20 encoded spaces in URL with + encoding.

  • KNOX-950: Fix a bug that prevents wss:// protocol from connection to websocket backend..

  • KNOX-952: Add common tests for the two JWT filters.

  • KNOX-954: Properly handle parsing errors for JWT tokens.

  • KNOX-973: Update Yarn UI services.

  • KNOX-974: Update HDFS UI services.

  • KNOX-975: Add NodeManager Service Definition.

  • KNOX-977: Exclude extraneous bundle.map in admin-ui file from release.

  • KNOX-981: Make Topology Instance Available in WebContext for Runtime Access.

  • KNOX-982: Datanode JMX REST Knox service.

  • KNOX-986: JMX Metric Reporter and OutOfMemory Issues.

  • KNOX-994: Introducing a new variable that enhances the function, needed for Zeppelin / fix.

  • KNOX-995: KnoxSSO Form IDP Issue with Firefox.

HDP 2.6.1 provided Knox 0.12.0 with no additional Apache patches.

HDP 2.6.0 provided Knox 0.12.0 with no additional Apache patches.