Add changelogs for 3.1.7-rc1

docs/en/changelogs/index.md

@@ -80,6 +80,8 @@ For information on how to upgrade to newer versions consult the [upgrading](/ins
 
 ## Alpha/beta/release candidate
 
+ * [3.1.7-rc1](rc/3.1.7-rc1) - 8 November 2014
+
  * [3.1.6-rc3](rc/3.1.6-rc3) - 18 August 2014
  * [3.1.6-rc2](rc/3.1.6-rc2) - 12 August 2014
  * [3.1.6-rc1](rc/3.1.6-rc1) - 5 August 2014

docs/en/changelogs/rc/3.1.7-rc1.md

@@ -0,0 +1,27 @@
+# 3.1.7-rc1
+
+## Upgrading
+
+### Authentication
+
+3.1.7 introduces a re-authentication feature, which allows user working in the CMS to quickly re-enter their password
+and continue working should their session expire. This occurs through a popup dialog, which asks the user for their
+current password to continue working.
+
+If using a custom `[api:Authenticator]` class to replace the default MemberAuthenticator, then by default this feature
+will be disabled. If multiple authenticators are used, only supported ones will be available within the CMS.
+
+In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form`
+methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation.
+
+Check the documentation at the [Authentication](/topics/authentication) topic.
+
+### Default Admin
+
+In this version the way that the default admin user is managed is slightly changed. Rather than defaulting to the first
+administrator user in the CMS, a user logging in as a default admin will always be assigned to a "Default Admin"
+user with admin privileges. In the past, this user would only be created if no other administrators existed.
+
+## Security
+
+* 2014-07-05 [c247dd5](https://github.com/silverstripe/silverstripe-framework/commit/c247dd5) Add default $lock_out_after_incorrect_logins value [SS-2014-016].