SR-D38318 · Issue 519710
Data pages explicitly cleared after QP use
Resolved in Pega Version 8.2.6
The Util Node was showing as Offline in the Search Landing Page, and when Jobs were submitted for execution from other Nodes the message "Detected active run with unreachable nodes" was logged. The util node, configured as a backgroundprocessing node, was running QPs; the queue size for custom QPs is 500 messages /queue items per minute, but investigation showed the requestor level and thread level data pages corresponding to the QP activities were not being cleared after use. This led to high heap memory issues that made the node unreachable, and has been resolved by adding code to explicitly remove the data pages when processing has finished.
SR-D63727 · Issue 531724
Authorization header base 64 format error recategorized as debug logging
Resolved in Pega Version 8.2.6
Numerous messages were generated indicating that the Authorization Header format was invalid when using the format " : " (Base64 Og==) . As this is the default behavior for a particular class of proxy servers, the error statement has been updated to be logged as a debug statement and will be visible only when that logging is enabled.
SR-D64608 · Issue 544387
Corrected filedownload extension header issue
Resolved in Pega Version 8.2.6
Filedownload header contained plain non-ascii characters which caused a security violation issue. This has been resolved by removing the filedownload header from the HTTP response when the sendfile API is used with inputstream to download a file.
SR-D51324 · Issue 523434
Authentication state refreshed after failure in mobile
Resolved in Pega Version 8.2.6
When using the mobile app, if the log in was started and incorrect credentials or empty fields were submitted and then the credentials screen was X-ed out or canceled, attempting to log in again using the correct information still received the "Authentication failed" error. A subsequent attempt with the correct credentials would then work. This was traced to the server persisting the state from the first request (per browser session), and has been resolved.
SR-D53835 · Issue 524213
Handling added for custom authentication in embedded mashup
Resolved in Pega Version 8.2.6
After embedding the Mashup gadget in an external application, at browser refresh a Cross-Origin Read Blocking (CORB) warning appeared and the gadget did not load as expected. A second refresh cleared the error. Investigation showed that when custom authentication is configured, 'use SSL' is checked in Authentication service. That meant that when the user was authenticated, the redirection was not considering the query string entered before authentication and the CORB warning was issued due to a change in response. Because there is special handling for the above use case and post-authentication redirection does not happen through the normal flow (HttpAPI), this issue has been resolved by honoring the query string stored in requestor (entered by user) while redirecting.
SR-D48762 · Issue 518298
Enhancement added to support DB2 CREATE OR REPLACE view syntax
Resolved in Pega Version 8.2.6
After creating the product, attempting to import it on another environment failed due to incompatibilities with the syntax. In SQLGeneratorDb2.getViewSourceStatement(), when the View definition is fetched there is a check whether the view starts with "CREATE VIEW". Since the customer view of "CREATE OR REPLACE" was not supported in Db2LUW, it didn't match and appended the "CREATE VIEW" statement again. This happened only when using DB2, and has been resolved by updating the logic in SQLGeneratorDb2.getViewSourceStatement() to support CREATE OR REPLACE VIEW statements.
SR-D75498 · Issue 545069
Resolved null-pointer exception for Token based Authenticated Rest
Resolved in Pega Version 8.2.6
When logging in with auth0 OIDC auth service and then trying to use connect-Rest with an authentication profile using an auth0 provider, a null pointer error was generated indicating connect-Rest could not find the Access token. Even thought the Authentication service (OIDC) and authentication profile (authorization grant) both had the same scopes (“openid profile email”), OIDC flow and authentication profile save the Access Token with different scopes. Specifically, OIDC saves the token with an extra trailing space. Handling has been added to correct this.
SR-D57038 · Issue 519380
JobScheduler DST handling updated
Resolved in Pega Version 8.2.6
When the locale being used changed out of Daylight Savings Time, scheduled jobs did run at the same local time as before but instead ran an hour earlier than expected. Investigation showed that jobscheduler calculated the next runtime based on the time difference from the cluster reference time and current time in milliseconds, and this offset in milliseconds was added to next run time. Since the cluster was started in DST, the job was running on same time due to the time difference. To resolve this, the system will use a calculation offset and set hours/minutes to nextRunTime object so that calendar lib handles daylight savings.
SR-D83192 · Issue 545057
JobScheduler DST handling updated
Resolved in Pega Version 8.2.6
When the locale being used changed out of Daylight Savings Time, scheduled jobs did run at the same local time as before but instead ran an hour earlier than expected. Investigation showed that jobscheduler calculated the next runtime based on the time difference from the cluster reference time and current time in milliseconds, and this offset in milliseconds was added to next run time. Since the cluster was started in DST, the job was running on same time due to the time difference. To resolve this, the system will use a calculation offset and set hours/minutes to nextRunTime object so that calendar lib handles daylight savings.
SR-D48433 · Issue 514857
Exception handling added for Redirect URL fetched from GRS
Resolved in Pega Version 8.2.6
When the application definition under “integration and security" tab was configured to use "Store in web storage provider" to allow choosing the storage name and the authentication profile, configuring the authentication profile to use an OpenID connect provider with the pyEndpointURL property given as a global resource setting such as (=D_SharepointDetails.url) was not working as expected. Clicking browse in the application definition sent the request to the OpenID connect provider and was returned with the error "The reference =D_SharepointDetails.url is not valid. Reason: Page name (D_SharepointDetails) from indirect reference was not found." This was traced to the Redirect URL (fetched from GRS) throwing an unhandled exception, and has been resolved.