INC-188162 · Issue 673507
RSA-PSS signature support added for for SAML SSO
Resolved in Pega Version 8.7
The XML security jars have been updated to incorporate RSA-PSS signature algorithm support.
INC-160485 · Issue 655297
Trailing "/" added to public links for SSO use
Resolved in Pega Version 8.7
Links generated using pyWorkLinkWithLabel were not working with SSO due to not having a trailing "/" on the URL. This has been corrected by adding code to append the "/" if the public link url doesn't end with it.
INC-178148 · Issue 660924
Handling added for SSO servlet name
Resolved in Pega Version 8.7
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
INC-188405 · Issue 673063
Handling added for SSO servlet name
Resolved in Pega Version 8.7
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-D46681 · Issue 514432
SnapStart supports SAML2 Authentication
Resolved in Pega Version 8.3.2
When using an HTTP Post to SnapStart into Pega using PRCustom style or PRAuth style SAML authentication, the login was looping back to the login request. Investigation showed that the Pega ACS was posting data properly back to the RelayState URL, however the login activity was not getting the SAMLResponse and simply sent a SAML Login Request again. This has been fixed by updating reqContextURI in case of SAML2 Authentication service so pyActivity=value will be passed.
INC-170423 · Issue 648985
Added catch for SAML WebSSO duplicate key exception
Resolved in Pega Version 8.7
After logging in from SSO, closing the Pega window and opening it again resulted in the error "Unable to process the SAML WebSSO request : Violation of PRIMARY KEY constraint. Cannot insert duplicate key in object." This has been resolved by updating the session index handling and adding a catch for the duplicate key exception.
INC-162434 · Issue 640051
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-175897 · Issue 655466
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-200299 · Issue 689561
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
SR-D81532 · Issue 544429
Corrected case-mismatch when using Top Ranked in a subreport
Resolved in Pega Version 8.3.2
Incorrect SQL Generation was seen when using the combination of Union ALL (more than 1 distinct tables) and Rank in Sub report. The sub-report had a ranking logic to pull records with greatest “pxUpdateDateTime”, but when executing the main report definition rule, Oracle responded with the error "There was a problem getting a list." Investigation showed that the query generated was not able to match the columns because they were given as pxUpdateDateTimeR1 in one and PXUPDATEDATETIMER1 in another. This only happened when display Top Ranked was selected in the subreport, and was due to Oracle being case-sensitive. This has been resolved by updating the system to get the correct column alias for rank in a subreport.