INC-188162 · Issue 673508
RSA-PSS signature support added for for SAML SSO
Resolved in Pega Version 8.6.3
The XML security jars have been updated to incorporate RSA-PSS signature algorithm support.
SR-A101069 · Issue 270616
Fixed dropdown issues when using Google Chrome
Resolved in Pega Version 7.2.2
The following issues were noted when using the Google Chrome browser: when selecting values from drop down in collapsible header, the section did not refresh according to selection; when the drop down was expanded, it loaded in front of collapsible header; when trying to select values which were within a collapsible header, the header became collapsed. These issues were due to the function expandHeader not being called in Google Chrome, and the function will now be called accordingly.
SR-A101069 · Issue 269981
Fixed dropdown issues when using Google Chrome
Resolved in Pega Version 7.2.2
The following issues were noted when using the Google Chrome browser: when selecting values from drop down in collapsible header, the section did not refresh according to selection; when the drop down was expanded, it loaded in front of collapsible header; when trying to select values which were within a collapsible header, the header became collapsed. These issues were due to the function expandHeader not being called in Google Chrome, and the function will now be called accordingly.
SR-A101069 · Issue 270595
Fixed dropdown issues when using Google Chrome
Resolved in Pega Version 7.2.2
The following issues were noted when using the Google Chrome browser: when selecting values from drop down in collapsible header, the section did not refresh according to selection; when the drop down was expanded, it loaded in front of collapsible header; when trying to select values which were within a collapsible header, the header became collapsed. These issues were due to the function expandHeader not being called in Google Chrome, and the function will now be called accordingly.
INC-182530 · Issue 695761
SAML datapages cleared before new authentication
Resolved in Pega Version 8.6.3
If a previous user had not logged out or timed out when using SAML authentication, a second person using the same device/browser would end up in the first user's session after performing their own authentication. Investigation showed the second login D_SAMLAssertionDataPage was not getting refreshed with the current user login details; this has been resolved by explicitly deleting the SAML Datapages before processing a new login if the session has not timed out.
INC-195511 · Issue 693220
Check added for child join class when using ABAC
Resolved in Pega Version 8.6.3
When a join was applied on a report definition and the same join class had a child class to which ABAC was applied (for some property eg., isABC), an "invalidreference" exception (isABC) was generated. This was traced to the system taking into account the child class of the join class while running the report, and has been resolved by adding a check to handle this scenario.
SR-A92057 · Issue 259453
OneTimeUse cache file generation disabled for SAML2
Resolved in Pega Version 7.2.2
Whenever SAML2 Token contained a "OneTimeUse" caching condition there were thousands of unwanted files generated. This caching has been disabled in the assertion validation code of SAMLv2ResponseProtocolValidator.java, so even if SAML2 token contains that OneTimeUse condition these files will not be generated.
SR-A76677 · Issue 253493
IDP SAML 2.0 schema validation error resolved
Resolved in Pega Version 7.2.2
When generating the Pega SP metadata after importing the Shibboleth IDP metadata, the error "The metadata does not pass the SAML 2.0 schema validation" appeared. This has been resolved by modifying the pzDownloadSPMetadata activity to generate a unique secure random ID prefixed with an underscore.
SR-A77173 · Issue 254080
IsWindowStealFocusInIEAllowed allows 'when' value
Resolved in Pega Version 7.2.2
In order to run legacy and Pega applications in parallel, a site configured the system to create a case in the Pega application as soon as a case was created in the legacy application. The intent was to have the case created in Pega to be in the background, but performing any DC actions shifted focus to the Pega app window when using Microsoft Internet Explorer . In order to have the configuration work as desired, the pyIsWindowStealFocusInMicrosoft Internet Explorer Allowed when rule must be set to false (default is true). Support for a conditional window focus configuration is now available, based on pyIsWindowStealFocusInMicrosoft Internet Explorer Allowed 'when' rule value.
INC-192464 · Issue 681752
PackageComponent updated for use with repositories
Resolved in Pega Version 8.6.3
Exporting a zip file created by the Component wizard to a repository resulted in an error, however the same process worked as expected when the zip file was created by the Product wizard. Investigation showed that pxPackageComponent was not kept up to date with new metadata requirements for Artifactory export. This has been resolved by modifying pxPackageComponent step 7 to set Param.ArtifactType to "component" and Param.ArtifactName to [component name]_[component version]. A privilege check has also been added to zipMoveExport.