Description
This change will update the ad.xml template to represent the more common AD config that uses sAMAccountName rather than simple ca name binds.
It will also add an sandbox-apps.xml template that illustrates the use of the SSOCookieProvider to proxy services and applications that consume hadoop REST APIs.
Also adding XFS protection through WebAppSec provider to the default knoxsso.xml and sandbox.xml topologies/templates. This protects against clickjacking, etc and should be available out of the box for web apps.