INC-140224 · Issue 604004
Corrected SAML SSO error
Resolved in Pega Version 8.6
After opening a case from the Pega-FCM portal or after logging in from SSO, closing the Pega window and opening it again resulted in the error "Unable to process the SAML WebSSO request : Violation of PRIMARY KEY constraint %27pr_data_saml_requestor_PK%27. Cannot insert duplicate key in object". This was a missed use case that happens only under the old SAML configuration, and has been resolved by removing a when condition that checks for stepstatus fail for the pySAMLwebSSOAuthentication activity.
INC-155813 · Issue 629505
SAML SSO redirects to correct URL when application and authentication aliases match
Resolved in Pega Version 8.6
Whenever there was a match in the authentication service alias and the application alias, the application alias was replaced with empty after logoff instead of making the authentication service alias empty. For example, given an authentication service with the alias XYZ ("login with XYZ" alias option) and an application name XYZMyOps, the application alias was being changed from XYZMyOps to appMyOps after logoff. As a result, a blue screen error resulted when clicking on button "login with XYZ" again because it redirected to appMyOps, which didn't exist. This has been resolved by removing authservicealias and modifying AuthServiceAliasHelper.adjustPathIfAuthServiceAliasPresent() to change the method for calculating the pathinfo to string tokenizing.
INC-198571 · Issue 708634
SSO update
Resolved in Pega Version 8.8
In order to ensure shared SSO direct links are used as intended, an update has been made which will explicitly require re-authentication for each use of a direct link.
INC-222404 · Issue 727870
AccessToken can be used for both OIDC SSO and Connect-REST
Resolved in Pega Version 8.8
When trying to specify the AuthenticationProfile with grant_type ‘authorization_code’ in the Connect-REST rule, the AccessToken was not being retrieved, and the error "services.OutboundMappingException: Caught Exception while creating OAuth2 client, Caused by: PRRuntimeException: Unable to obtain access token for client details in authentication profile configured for connector" was generated. The usage case desired is to use the same token for both OIDC SSO and Connect-REST. This worked when the scope was the same, but the key was constructed with a space between the scope and the operator ID while saving the token to the cache. The constructed key did not have this space when fetching the token during Connect-REST. To support the desired use, logic has been added to make the appropriate trim for scope in cache key generation in oauth2clientimpl.
SR-B69359 · Issue 337302
Tab header value works for SSO
Resolved in Pega Version 8.1
The Tab header value was not updated with the rule name or Work Object ID when SSO authentication was used with sub-domain URLs. This has been fixed.
SR-C11323 · Issue 352191
Tab header value works for SSO
Resolved in Pega Version 8.1
The Tab header value was not updated with the rule name or Work Object ID when SSO authentication was used with sub-domain URLs. This has been fixed.
INC-223222 · Issue 723635
Corrected apiContext when using bulkActions
Resolved in Pega Version 8.8
Row selections in the multi-selection table were intermittently not working after opening a table with bulk actions enabled. Investigation showed that opening a table with bulkActions enabled and then navigating to a table where bulk actions are not available but multi-select is enabled led to functions like setSelectedRows and getSelectedRows still being available in apiContext. This has been resolved by correcting apiContext when bulkActions is enabled.
SR-C16944 · Issue 364121
pxObjClass of StepPage retained when using adoptJSONObject
Resolved in Pega Version 8.1
When using the adoptJSONObject method in a REST Service activity, calling adoptJSONObject made the pxObjClass of StepPage null. However, the pxObjClass retained its correct value after calling the adoptJSONObject method if the tracer was running. In this scenario, when JSON was adopted on to a page which had pxObjClass set on it and JSON didn't have pxObjClass within it , the resulting page was becoming classless. This has been fixed by reading pxObjClass from the page and retaining it if it is not empty and if pxObjClass is not present in stream.
INC-138443 · Issue 584680
SAML authentication documentation expanded
Resolved in Pega Version 8.6
Documentation for SAML authentication services has been updated to include more detailed information about app alias URL changes.
SR-C40010 · Issue 382499
Corrected URL formation problem when using Tomcat
Resolved in Pega Version 8.1
A blank screen was seen when trying to open Decision Table headers, and the color picker pop-up was blank when trying to choose a color for the skin. This was traced to an incorrect URL formed when using Tomcat, caused by the prweb/hash being appended twice in the URL. The root cause was unnecessary decoding of extURL in 'pzDisplayModalDialog' , and this has been fixed by adding the proper urlCrossScriptingFilter.