...
- Make PBE Hashing, Iteration Count and Salt Configurable and Manageable (KNOX-944) DONE
- Make key sizes configurable for self-signed cert creation, etc
- Ensure that HTTPOnly and Secure flags are set on all cookies (KNOX-933) DONE
- Protect against LDAP Injection in the KnoxLdapRealm
- Ensure that the above improvements are backward compatible with deployed knox instances
- Ensure that the above configurable items are able to be configured prior to first start and the use of defaults (like in Ambari)
- SSOCookieProvider to be configurable for signature verification key/PEM (KNOX-947) DONE
2. Identity Broker APIs (KNOX-929)
...