INC-188162 · Issue 673507
RSA-PSS signature support added for for SAML SSO
Resolved in Pega Version 8.7
The XML security jars have been updated to incorporate RSA-PSS signature algorithm support.
INC-160485 · Issue 655297
Trailing "/" added to public links for SSO use
Resolved in Pega Version 8.7
Links generated using pyWorkLinkWithLabel were not working with SSO due to not having a trailing "/" on the URL. This has been corrected by adding code to append the "/" if the public link url doesn't end with it.
INC-198571 · Issue 708633
SSO update
Resolved in Pega Version 8.7.2
In order to ensure shared SSO direct links are used as intended, an update has been made which will explicitly require re-authentication for each use of a direct link.
INC-178148 · Issue 660924
Handling added for SSO servlet name
Resolved in Pega Version 8.7
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
INC-188405 · Issue 673063
Handling added for SSO servlet name
Resolved in Pega Version 8.7
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-133715 · Issue 204978
RTE <br> handling resolved when using pega:when = false
Resolved in Pega Version 7.2
Inconsistent behavior was seen when using rich text editor in paragraph rule if the pega:when was false. This was an issue with the handling of the
tags under this condition, and has been resolved.
SR-133715 · Issue 209655
RTE <br> handling resolved when using pega:when = false
Resolved in Pega Version 7.2
Inconsistent behavior was seen when using rich text editor in paragraph rule if the pega:when was false. This was an issue with the handling of the
tags under this condition, and has been resolved.
SR-D29127 · Issue 506863
SAML data pages restored after passivation
Resolved in Pega Version 8.2.4
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as readonly, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-A3803 · Issue 212217
Better handling for menus when using JAWS
Resolved in Pega Version 7.2
When accessibility was invoked, the Navigation menu did not indicate arrow up/down options in links with showmenu role='link' generated on them, and JAWS was not reading out that it was a link with a menu. This was an unintended side-effect of updates to avoid reading out a URL in a label/text, and corrections have been made to support accessibility so that navigational menus are read out more intuitively with JAWS.
SR-A8595 · Issue 218942
Security updated for SAML Rule keystores
Resolved in Pega Version 7.2
Password encryption has been updated for the Keystores records used by SAML Rule forms for signing and decryption in the auth service rule data.