INC-200299 · Issue 689561
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
SR-A92057 · Issue 259453
OneTimeUse cache file generation disabled for SAML2
Resolved in Pega Version 7.2.2
Whenever SAML2 Token contained a "OneTimeUse" caching condition there were thousands of unwanted files generated. This caching has been disabled in the assertion validation code of SAMLv2ResponseProtocolValidator.java, so even if SAML2 token contains that OneTimeUse condition these files will not be generated.
SR-A76677 · Issue 253493
IDP SAML 2.0 schema validation error resolved
Resolved in Pega Version 7.2.2
When generating the Pega SP metadata after importing the Shibboleth IDP metadata, the error "The metadata does not pass the SAML 2.0 schema validation" appeared. This has been resolved by modifying the pzDownloadSPMetadata activity to generate a unique secure random ID prefixed with an underscore.
INC-168837 · Issue 646972
CSRF token updated for use with OKTA login
Resolved in Pega Version 8.7
An issue seen while connecting via OKTA has been resolved by updating the CSRF token validation for use with IDP initiated SSO login.
SR-A77173 · Issue 254080
IsWindowStealFocusInIEAllowed allows 'when' value
Resolved in Pega Version 7.2.2
In order to run legacy and Pega applications in parallel, a site configured the system to create a case in the Pega application as soon as a case was created in the legacy application. The intent was to have the case created in Pega to be in the background, but performing any DC actions shifted focus to the Pega app window when using Microsoft Internet Explorer . In order to have the configuration work as desired, the pyIsWindowStealFocusInMicrosoft Internet Explorer Allowed when rule must be set to false (default is true). Support for a conditional window focus configuration is now available, based on pyIsWindowStealFocusInMicrosoft Internet Explorer Allowed 'when' rule value.
INC-192464 · Issue 681751
PackageComponent updated for use with repositories
Resolved in Pega Version 8.7
Exporting a zip file created by the Component wizard to a repository resulted in an error, however the same process worked as expected when the zip file was created by the Product wizard. Investigation showed that pxPackageComponent was not kept up to date with new metadata requirements for Artifactory export. This has been resolved by modifying pxPackageComponent step 7 to set Param.ArtifactType to "component" and Param.ArtifactName to [component name]_[component version]. A privilege check has also been added to zipMoveExport.
SR-A100816 · Issue 268476
MinimumAgeForProcessing honored when requeuing Broken-Process
Resolved in Pega Version 7.2.2
When using the Requeue feature from SMA, queue items were not honoring the existing (previously used) value of pyMinimumAgeForProcessing, instead setting the value as -1 so, all attempts were happening immediately. This was an issue with the Repair API in QueueManagerImpl not honoring minimumAgeForProcessing if MinimumDateForProcessing already existed in the queue item, and has been fixed.
SR-A100367 · Issue 270660
Page copy works when previewing a rule
Resolved in Pega Version 7.2.2
The option to copy an existing page was not working when previewing a rule. This was caused by the page type and page name parameters not being included in the pyTempWorkPage used to create the request URL for the preview; this has been corrected.
INC-196414 · Issue 684238
OAuth token refreshed when revoked on source
Resolved in Pega Version 8.7
When an OAuth token was used to authorize the APIs in the system, revoking the token at the source, i.e. from the Service side, did not automatically refresh the token and a logoff/logon was required before a fresh token was generated. This has been resolved by adding an update to explicitly purge revoked tokens.
INC-178417 · Issue 670114
Flag reset added for grid with 'Expand When'
Resolved in Pega Version 8.7
A grid using an 'Expand When' condition worked as expected when the condition was true, but once expanded the grid did not collapse if the expand condition was changed to false even if a section/harness refresh was performed. This has been resolved by adding an update which will reset the flag when the result of 'Expand When' is false.