INC-178148 · Issue 660924
Handling added for SSO servlet name
Resolved in Pega Version 8.7
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
INC-188405 · Issue 673063
Handling added for SSO servlet name
Resolved in Pega Version 8.7
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-B37819 · Issue 296299
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B43950 · Issue 300643
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B43950 · Issue 301551
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-A8595 · Issue 218942
Security updated for SAML Rule keystores
Resolved in Pega Version 7.2
Password encryption has been updated for the Keystores records used by SAML Rule forms for signing and decryption in the auth service rule data.
SR-A6223 · Issue 214939
Resolved WSDL SOAP exception when using target namespace
Resolved in Pega Version 7.2
When adding a well-defined XML ParseRule as a Request Header, saving and checking in the rule caused the Deployment results link to generate the error "Caught exception while creating WSDL for service package: : com.pega.pegarules.pub.PRRuntimeException: PRRuntimeException Header message is included with method namespace instead of targetnamespace" This was an error in the code handling a target namespace for Request Headers (configured on the Service Soap -> Requests tab), and has been fixed.
SR-B3657 · Issue 274527
SAML authentication enhanced to detect encoded/decoded response
Resolved in Pega Version 7.3
Even though SAML authentication was working as expected, an error message was being logged when the system attempted to process the authentication response as encoded before falling back to process it as decoded. To remove confusion, Fallback has been removed and instead the system will intelligently identify the response as encoded/decoded and handle it appropriately without generating an unnecessary error.
SR-B3657 · Issue 280763
SAML authentication enhanced to detect encoded/decoded response
Resolved in Pega Version 7.3
Even though SAML authentication was working as expected, an error message was being logged when the system attempted to process the authentication response as encoded before falling back to process it as decoded. To remove confusion, Fallback has been removed and instead the system will intelligently identify the response as encoded/decoded and handle it appropriately without generating an unnecessary error.
SR-B3657 · Issue 285983
SAML authentication enhanced to detect encoded/decoded response
Resolved in Pega Version 7.3
Even though SAML authentication was working as expected, an error message was being logged when the system attempted to process the authentication response as encoded before falling back to process it as decoded. To remove confusion, Fallback has been removed and instead the system will intelligently identify the response as encoded/decoded and handle it appropriately without generating an unnecessary error.