SR-B37819 · Issue 296299
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B43950 · Issue 300643
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B43950 · Issue 301551
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B3657 · Issue 274527
SAML authentication enhanced to detect encoded/decoded response
Resolved in Pega Version 7.3
Even though SAML authentication was working as expected, an error message was being logged when the system attempted to process the authentication response as encoded before falling back to process it as decoded. To remove confusion, Fallback has been removed and instead the system will intelligently identify the response as encoded/decoded and handle it appropriately without generating an unnecessary error.
SR-B3657 · Issue 280763
SAML authentication enhanced to detect encoded/decoded response
Resolved in Pega Version 7.3
Even though SAML authentication was working as expected, an error message was being logged when the system attempted to process the authentication response as encoded before falling back to process it as decoded. To remove confusion, Fallback has been removed and instead the system will intelligently identify the response as encoded/decoded and handle it appropriately without generating an unnecessary error.
SR-B3657 · Issue 285983
SAML authentication enhanced to detect encoded/decoded response
Resolved in Pega Version 7.3
Even though SAML authentication was working as expected, an error message was being logged when the system attempted to process the authentication response as encoded before falling back to process it as decoded. To remove confusion, Fallback has been removed and instead the system will intelligently identify the response as encoded/decoded and handle it appropriately without generating an unnecessary error.
SR-B31631 · Issue 289775
Installation documentation updated re: postgis use
Resolved in Pega Version 7.3
To avoid confusion, the documentation for the installation process has been explicitly updated to indicate that data and rules schema cannot have postgis extension applied.
SR-B17037 · Issue 289405
Handling added for SP initiated logins
Resolved in Pega Version 7.3
Attempting a Service Provider (SP) initiated login request caused the error "The Response did not contain any Authentication Statement that matched the Subject Confirmation criteria" to appear. This was due to the code used to identify whether the flow is IDP initiated or SP initiated SSO not having the handling for encrypted assertions. The system has now been updated to look for the relay state in the DB: if an entry is present then the SSO flow will be SP initiated, otherwise it will be IDP initiated.
INC-177737 · Issue 663140
Authentication requirement updated for CallConnector
Resolved in Pega Version 8.6.1
After update, invoking a REST API call during SSO login which eventually called pxCallConnector (Final Activity) in @baseclass Pega-RulesEngine failed at the CallConnector step. This was caused by a change in recent Pega versions which enabled authentication for this activity, and has been resolved by marking the activity as internal and disabling the authentication requirement.
INC-164308 · Issue 634409
UseNoCacheHeaders default expiration set to "0"
Resolved in Pega Version 8.6.1
When the prconfig/HTTP/UseNoCacheHeaders/default was set true it used the value "Expires: Thu, 01 Dec 1994 16:00:00 GMT". This has been updated to the more commonly used setting "0".