Published Release Notes

Pega File Listener process changes

Beginning with Pega 7.2.2, File Listener processes files in a different way:

• File movement in directories – Previously, files were processed from the Work directory. In Pega 7.2.2, files are processed from the source location. Files move to the Work directory only if the initial processing fails and Recovery is disabled.
• New file processing – Previously, File Listener would process all files in the source location, even if the files were added during the processing. In Pega 7.2.2, files added to the source location during processing are read the next time the File Listener starts.

For more information, see File Listener data instances.

Automatically process cases with Box

You can now use Box to store attachments during automated case processing without requiring user input at run time for authentication or authorization with Box. The authentication profile must be OAuth 2.0 with a grant type of authorization code. You can view which apps are connected, connect apps, and disconnect apps on the Connected apps landing page.

For more information, see Connected apps landing page.

Single sign-on (SSO) support for Box

You can now use SSO integration with Box so that users who have already been authenticated are not asked to reauthenticate when accessing Box from their Pega application. The Pega application and the Box application must use the same identity provider federation. This capability provides an integrated user experience and supports automated case processing of attachments.

For more information, see Authentication Profile data instances - Completing the OAuth 2.0 tab.

Send and receive queued messages securely with IBM MQ servers

You can now configure applications developed on the Pega 7 Platform for secure message queuing with IBM MQ servers by using the MQ server rule form. You secure the connection by specifying the cipher suites with encryption standards that meet your requirements and the SSL/TLS X.509 certificates that you use for authentication.

For more information, see Configure secure message queuing with IBM MQ servers.

SAML 2.0 single sign-on authentication in multitenant environments

Multitenant application environments can now use SAML 2.0 for single sign-on (SSO) and single logout (SLO). Application users can access any authorized SSO multitenant applications without logging in to each application individually. SAML simplifies the login and logout process for users, mitigates security risks, and reduces the implementation costs that are associated with identity management.

For more information about configuring SAML 2.0 for single sign-on, see Web single sign-on (SSO) with SAML 2.0.

New PegaRULES:PegaAPISysAdmin​ role

The role PegaRULES:PegaAPISysAdmin​ has been added to the Pega 7 Platform. This required role gives system administrators access to the Pega API REST User Services and is not required for other services.

For more information, see Securing the Pega API.

Issue with the Sandbox directive on the Content Security Policy rule form has been fixed

An issue that related to the Sandbox directive not being applied, even after a value in the Content Security Policy rule form was selected, has been fixed. As a result, restrictions that are applied based on the settings in the Sandbox directive are now more closely aligned with the World Wide Web Consortium (W3C) specification than in previous releases. You should test your Content Security Policy to ensure that this change does not cause unexpected behavior in your application, such as making the security policy too restrictive.

Functionality of the pyInvokeRESTConnector rule and the pxDeferenceEndpoint rule moved to core engine

The functionality of the pyInvokeRESTConnector rule and the pxDeferenceEndpoint rule has been moved into the core engine code of the Pega 7 Platform. This change provides more consistent behavior, reduces maintenance, and reduces the risk of regression issues. As a result, you can no longer customize these rules, and upgrading the Pega 7 Platform requires special considerations if you previously customized these rules.

For more information, see Upgrading with customized pyInvokeRESTConnector and pxDeferenceEndpoint rules.

Logging service now uses Apache Log4j 2

The Pega^® Platform now uses the Apache Log4j 2 logging service. Apache Log4j 2 improves performance and provides support for all log file appender types. As a result of this upgrade, the prlogging.xml file has been renamed to prlog4j2.xml and the format of the file has changed considerably.

For details about the new file format see Pega Platform logging with the Log4j 2 logging service.

For new installations or for upgrades to systems that were using the default logging configuration, no changes are needed. For information about updating custom log files after upgrading, see Customizations to the prlogging.xml file must be manually ported after upgrade. For information about updating your socket server if you use remote logging, see Socket server has changed for remote logging. For information about updated the web.xml file after upgrading, see Log file description in web.xml incorrect after upgrade to Apache Log4j2.

Customizations to the prlogging.xml file must be manually ported after upgrade

As a result of the upgrade from the Apache Log4j 1 logging service to the Apache Log4j 2 logging service, the name of the logging configuration file has changed from prlogging.xml to prlog4j2.xml and the format of the file has changed considerably. If you customized your prlogging.xml file, port the customizations to the new prlog4j2.xml file. If you do not port the changes, the Pega^® Platform uses the default prlog4j2.xml file and disregards your customized prlogging.xml file.

For more information about customizing your log files, see the Apache Log4j 2 documentation.