INC-194287 · Issue 681065
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.7
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-181941 · Issue 664808
Handling added for using virtual network interface for Stream Services startup
Resolved in Pega Version 8.7
After update, the restart of any node failed with the error "Unable to create DSM service DATA-DECISION-SERVICE-STREAMSERVER DEFAULT". This has been resolved by adding support for allowing stream service to start on the virtual network interface in cases where it was explicitly configured via the "cluster/hazelcast/interface".
SR-D23490 · Issue 496576
Interface changes made to avoid unexpected workitem deletions when removing stale locks
Resolved in Pega Version 8.1.6
Attempting to delete lock instances of work objects by directly opening the lock item found through navigating to (Dev Studio) App > Classes > System-Locks actually resulted in deleting the work item instead of just the lock. This was due to System-Locks being uniquely identified by the WorkItem that they belong to rather than having their own specific key. This meant that clicking on one of the instances caused the system to respond by presenting a "default RuleFormLayout section" which included a delete button keyed to the actual workitem, but this was not made explicitly clear in the interface. In order to prevent unexpected item deletions, the table has been replaced with a link to the proper System-Lock interface, specifically the "My Locks" window.
SR-D24318 · Issue 494059
Dom API updated to resolve Microsoft Internet Explorer 11 not loading async data with refresh when
Resolved in Pega Version 8.1.6
The browser was continuously showing "loading" if Microsoft Internet Explorer 11 was used for a section which was sourced from a data page and configured to load the data asynchronously from a external service while calling an activity and using a 'refresh when' rule to refresh the section if a property changed. Investigation showed that the initial data load was successful and the section with the data was visible, but if the property changed and the section loaded once again due to the 'refresh when' condition, the browser was unable to render the defer loaded section case because the dom returned had the wrong value. To resolve this, the API used to check for the dom element has been updated.
SR-D15844 · Issue 496777
Flag set for using defer load context switching with Microsoft Internet Explorer
Resolved in Pega Version 8.1.6
Defer load section was not working as expected due to Microsoft Internet Explorer 11 not maintaining the context of the section during busyIndicator hide. To avoid this, a flag 'pega.ctxmgr.skipContextSwitching' will be set during the hide of busy indicator if Microsoft Internet Explorer is used, and the harness switching context will then be decided based on this flag.
INC-173725 · Issue 656480
Logic updated for DX API retrieving View/Action ID using embedded property
Resolved in Pega Version 8.7
While calling the DX API using Assignment ID and action ID, a 500 error response was logged indicating that the server encountered an unexpected condition that prevented it from fulfilling the request. Investigation traced this to the logic used for resolving an embedded property referenced in a control/field to identify the correct page class. In a non-work object context for flow actions the new assign page doesn't exist, but the system was checking for it and clearing off errors from the named page. This has been corrected.
INC-176274 · Issue 666390
Timeout check added to authorization to preserve portal context
Resolved in Pega Version 8.7
When using SAML SSO Authentication Service with "Use access group timeout" and "Redirect to IDP login after logout" selected and "Force authentication" not selected, manually logging out correctly returned the view to the custom SSO login page but the timeout logout returned the default Pega login page as if SSO was not in use. Analysis showed there was a "Failed to open portal" error after doing some action post timeout, and this was traced to pyPortal page not having a value. Investigation showed this was blank due to the creation of new thread while the requestor state was perceived as unauthenticated because of the timeout. To resolve this, a timeout check has been added to the following: Authorization#setActiveAccessGroup(java.lang.String, boolean, boolean, java.util.Map) BasicApplicationContextImmutableImpl#applyApplicationProperties
SR-D28460 · Issue 509365
Added timeout handling for non-PRAuth servlets
Resolved in Pega Version 8.2.4
After logging in via external authentication service (SAML Single Sign On) and setting up a timeout in the access group RuleForm, when the user performed any action and the server identified the request to be timed-out, it was expected that a SAML request would be sent from the browser to the external Authentication Server (referred as IDP) and the flow would proceed from there. This worked as expected for a non-AJAX request. To resolve this, handling has been added for timeout when using non-PRAuth authentication services.
SR-D3556 · Issue 446513
Requestor.OperatorID page updated to stay in sync with current OperatorID to enable post-Auth activity mapping
Resolved in Pega Version 8.1.6
The systems pages were not getting updated to the right operator's context when a post-Auth activity was used for mapping. To support this use, the UpdateOperatorID trigger has been updated to keep the pxRequestor.OperatorID page in sync with the current operatorID page during SAML. The operator will also be saved during provisioning.
SR-D33491 · Issue 511727
Code fragment removed to resolve CookieDisabledException
Resolved in Pega Version 8.2.4
After upgrade, a CookieDisabledException occurred after a post activity was invoked in the single sign-on (SSO) authentication service. This was traced to the site using the deprecated flag "redirectguests" as part of SSO-based login for mashup usecases. This flag was used to check if a cookiedisabled exception was thrown or not, and if there was no cookie, if a requestor was authenticated in first request. However, the flag has been removed as part of work done to omit the Cookie support check on Mobile App UAs. Code that supported the use of this flag remained after that work and led to the exception being generated, but has now been removed as well.