INC-199271 · Issue 699654
SAML-based SSO security updated
Resolved in Pega Version 8.5.6
Security updates have been made relating to SAML-based SSO code.
INC-160485 · Issue 655296
Trailing "/" added to public links for SSO use
Resolved in Pega Version 8.5.5
Links generated using pyWorkLinkWithLabel were not working with SSO due to not having a trailing "/" on the URL. This has been corrected by adding code to append the "/" if the public link url doesn't end with it.
SR-B69359 · Issue 337302
Tab header value works for SSO
Resolved in Pega Version 8.1
The Tab header value was not updated with the rule name or Work Object ID when SSO authentication was used with sub-domain URLs. This has been fixed.
SR-C11323 · Issue 352191
Tab header value works for SSO
Resolved in Pega Version 8.1
The Tab header value was not updated with the rule name or Work Object ID when SSO authentication was used with sub-domain URLs. This has been fixed.
INC-178148 · Issue 660926
Handling added for SSO servlet name
Resolved in Pega Version 8.5.5
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-C16944 · Issue 364121
pxObjClass of StepPage retained when using adoptJSONObject
Resolved in Pega Version 8.1
When using the adoptJSONObject method in a REST Service activity, calling adoptJSONObject made the pxObjClass of StepPage null. However, the pxObjClass retained its correct value after calling the adoptJSONObject method if the tracer was running. In this scenario, when JSON was adopted on to a page which had pxObjClass set on it and JSON didn't have pxObjClass within it , the resulting page was becoming classless. This has been fixed by reading pxObjClass from the page and retaining it if it is not empty and if pxObjClass is not present in stream.
SR-C40010 · Issue 382499
Corrected URL formation problem when using Tomcat
Resolved in Pega Version 8.1
A blank screen was seen when trying to open Decision Table headers, and the color picker pop-up was blank when trying to choose a color for the skin. This was traced to an incorrect URL formed when using Tomcat, caused by the prweb/hash being appended twice in the URL. The root cause was unnecessary decoding of extURL in 'pzDisplayModalDialog' , and this has been fixed by adding the proper urlCrossScriptingFilter.
SR-C48072 · Issue 388475
Corrected URL formation problem when using Tomcat
Resolved in Pega Version 8.1
A blank screen was seen when trying to open Decision Table headers, and the color picker pop-up was blank when trying to choose a color for the skin. This was traced to an incorrect URL formed when using Tomcat, caused by the prweb/hash being appended twice in the URL. The root cause was unnecessary decoding of extURL in 'pzDisplayModalDialog' , and this has been fixed by adding the proper urlCrossScriptingFilter.
INC-174267 · Issue 657129
Wait action persists when using Urgency Adjustment
Resolved in Pega Version 8.5.5
When using the Urgency Adjustment (pyAdjustAssignmentsla standard local action), once a case reached the wait action and the goal and deadline were updated the previous pyWaitAction was not being stored. This has been resolved by ensuring the previous pyWaitAction will be stored and passed to the AddAssign activity.
INC-182530 · Issue 695759
SAML datapages cleared before new authentication
Resolved in Pega Version 8.5.6
If a previous user had not logged out or timed out when using SAML authentication, a second person using the same device/browser would end up in the first user's session after performing their own authentication. Investigation showed the second login D_SAMLAssertionDataPage was not getting refreshed with the current user login details; this has been resolved by explicitly deleting the SAML Datapages before processing a new login if the session has not timed out.