Published Release Notes

New hashing algorithm for Password property types

To provide extra protection against brute-force attacks, a new hashing algorithm has been added to the Pega 7 Platform. Bcrypt is used as a default hashing algorithm for Password property types. The bcrypt key setup algorithm takes a long time to process. This means that potential attackers would have to spend a substantial amount of time testing every possible key.

For more information, see Using the bcrypt hashing algorithm for Password property types.

Discovery features for access control policies

Access control policies now support discovery features that allow end users to view limited, customizable information about class instances that fail Read policies but satisfy Discover policies. Two types of Discovery gadgets are provided, and when discovery features are enabled, a Discovery gadget is included in the Report Viewer and in search results. Developers can customize these gadgets and include them in other parts of an application user interface.

For more information, see Discovery features for access control policies.

Update and delete actions available in access control policies

Access control policies support update and delete actions on objects. These actions control which specific instances of a class can be created, updated, or deleted by an end user in a case.

For more information, see Creating an access control policy.

Terminate sessions for operators from outside the Pega 7 Platform

The newly added Users REST API allows an authorized administrator to terminate sessions for one or more operator IDs from outside the Pega^® 7 Platform. A typical use case for this API is to terminate a user’s session when the user's security credentials, which are stored externally, are known to have changed.

Access the Pega API by clicking Resources > Pega API.

New formats for styling report data grids

When you view a report, the data grid that is displayed is now styled by using either the List report format or the Summarized report format, depending on the report type. With this enhancement, you can display report data differently, and perhaps more effectively, than other grids in your portal. In the skin of your application, these new formats will be added and upgraded automatically by copying the Default format for the Trees & grids layout type, which was previously used to style reports.

For more information, see Modifying data grid formats for reports.

Conditional filter logic supported in access control policy conditions

In the Access Control Policy Condition rule form, you can now add conditional logic that allows you to apply different access control policy conditions based on different situations, such as different types of users. The policy condition filters that are enforced  are based on the results of Access When rules. Conditional filters can be configured to allow certain highly privileged users to bypass access control security in certain situations. This is accomplished by entering an Access When but leaving the conditional logic field blank.  When such a filter is applied to a read access policy it also should be applied to the corresponding discover policy.

For more information, see Creating an access control policy condition.

BIX -I command-line option fails for unexposed properties

Business Intelligence Exchange (BIX) command-line extractions fail when the extract has a filter that uses unexposed property references that are passed in by the input file that you specified in the -I command-line option. Previously, the BIX extraction ignored the filter and the extraction did not fail.

BIX filtering now works like report filtering

Filtering for Business Intelligence Exchange (BIX) extracts has been enhanced to work like report filtering, making it easier to use. Existing filters that use the Contains/DoesNotContain filter operation will be converted to use the Equals/NotEquals filter operation.

New PEGA0084 alert - Search node count

The PEGA0084 alert is generated when the number of available index host nodes does not meet the quorum ((replicas/2) + 1) required for index writes to succeed. This alert can occur when some of the index nodes go down, causing the number of available index host nodes to be less than the quorum. For more information, see PEGA0084 - Search node count.

Use Kerberos credentials in a Pega application to authenticate and access external systems

Authentication services now support Kerberos as an authentication type. When you connect from the Pega 7 Platform to external systems and services that require Kerberos authentication, the Pega 7 Platform stores the user Kerberos credentials and makes them available in Pega 7 Platform connectors.

For more information, see Using Kerberos credentials in a Pega application to authenticate and access external systems.