INC-189811 · Issue 679935
Updated XMLDataToPage privilege
Resolved in Pega Version 8.7
Cases were not being created or moved due to a privilege issue on EndUser portal after update. This was traced to the XmlDataToPage activity now including the OpenDeveloperForm privilege, which end user operator profiles do not have. This was a missed use case, and has been resolved by updating XMLDataToPage so it requires authentication but not privilege to run.
INC-172692 · Issue 650615
InsID will be derived from handle if null for upgrade
Resolved in Pega Version 8.7
Upgrade from Pega 7 to Pega 8 failed with a null pointer exception in the “Upgrade Context” target. This was traced to a rule where the pxInsID was null. To resolve this, an update has been made to derive the InsID from handle when needed.
INC-169310 · Issue 649714
Cache check added for SQL queries
Resolved in Pega Version 8.7
When performing load testing, a high number of gets were seen for some SQL Queries. In order to improve performance, a check has been added in GlobalTrustStoreCacheImpl.java to assess whether the cache has been initialized or not.
INC-164336 · Issue 634151
URL validation updated to handle custom token endpoints
Resolved in Pega Version 8.7
While saving an authentication profile with OAuth details, validation was failing for a valid URL given in the access token endpoint and revoke token endpoint fields. This was traced to the use of the Apache URL validator, which considered some domains to be invalid. To resolve this, the urlvalidator constructor has been updated to include a custom RegexValidator for access token and refresh token URLs.
INC-190384 · Issue 676573
URL validation updated to handle custom token endpoints
Resolved in Pega Version 8.7
While saving an authentication profile with OAuth details, validation was failing for a valid URL given in the access token endpoint and revoke token endpoint fields. This was traced to the use of the Apache URL validator, which considered some domains to be invalid. To resolve this, the urlvalidator constructor has been updated to include a custom RegexValidator for access token and refresh token URLs.
INC-166995 · Issue 642440
DeleteDocumentPg added to allow list
Resolved in Pega Version 8.7
During performance testing with CSRF settings enabled, a '403 Forbidden' error was seen in the network trace when FinishAssignment called pyActivity=pyDeleteDocument on close action. This has been resolved by adding pyDeleteDocumentPg to the list of allowed activities.
INC-163043 · Issue 645390
PEGA SOAP Service MTOM attachment handling updated
Resolved in Pega Version 8.7
After configuring a PEGA SOAP service with the Enable MTOM checked, sending a SOAP request with attachment to the service returned an invalid request error stating "Value of content length header is greater than zero - [762], but this request has empty POST". Investigation showed that when the input request reached the getPostBytes method and inputstream tried to read it, there were no available bytes and end of file was detected. This was due to the inputstream having already been read in getMultiPartSOAPHandler() method in FileUploadHandler class. To resolve this, the system will update an 'if' condition in getPostBytes method to skip reading the request attachment when contentType is "multipart/related".
INC-193442 · Issue 679178
ServicePackage thread handling improvements
Resolved in Pega Version 8.7
Work recently done to improve the release of requestor pool threads for the ServicePackage has been further enhanced by adding an explicit status notification to the thread waiting for Data Pages to be loaded in background and added support for the use case of a missing object handler. This also resolves a 504 Gateway Time-out error intermittently seen while trying to open the URL of the Pega application.
INC-185251 · Issue 674906
Locking APIs updated to handle CDK key rotation
Resolved in Pega Version 8.7
it was not possible to save cases for several hours following the CDK key rotation. This was traced to an exception that caused the system to attempt to acquire a lock on the CDK key instance, and normal save behavior would resume after the default sys lock time out period expired. This has been resolved by updating the system to use LockManager APIs to perform a database save with locks.
INC-179106 · Issue 662617
Null data page check added for DataPageTelemetryImpl
Resolved in Pega Version 8.7
Recent work was done to modify the StreamChangeTracker trackValueChanges API to return false when invoked for properties of mode page. An additional null check has been added in DataPageTelemetryImpl.recordDataPageLoaded to handle a null pointer exception caused by null data page definitions.