SR-C51744 · Issue 406708
Corrected SAML SSO logout error
Resolved in Pega Version 8.2
When performing a SAML SSO Logout, an error appeared indicating some artifacts were missing. This was traced to an incorrect NameQualifier being generated with IDP in the logoff request, and has been fixed by modifying the code to include an SPNameQualifier attribute for the NameID element in the logout request. Namespace has been added for logout requests at the parent level instead adding it at each node element.
SR-C70146 · Issue 407966
Corrected SAML SSO logout error
Resolved in Pega Version 8.2
When performing a SAML SSO Logout, an error appeared indicating some artifacts were missing. This was traced to an incorrect NameQualifier being generated with IDP in the logoff request, and has been fixed by modifying the code to include an SPNameQualifier attribute for the NameID element in the logout request. Namespace has been added for logout requests at the parent level instead adding it at each node element.
INC-198571 · Issue 708634
SSO update
Resolved in Pega Version 8.8
In order to ensure shared SSO direct links are used as intended, an update has been made which will explicitly require re-authentication for each use of a direct link.
INC-222404 · Issue 727870
AccessToken can be used for both OIDC SSO and Connect-REST
Resolved in Pega Version 8.8
When trying to specify the AuthenticationProfile with grant_type ‘authorization_code’ in the Connect-REST rule, the AccessToken was not being retrieved, and the error "services.OutboundMappingException: Caught Exception while creating OAuth2 client, Caused by: PRRuntimeException: Unable to obtain access token for client details in authentication profile configured for connector" was generated. The usage case desired is to use the same token for both OIDC SSO and Connect-REST. This worked when the scope was the same, but the key was constructed with a space between the scope and the operator ID while saving the token to the cache. The constructed key did not have this space when fetching the token during Connect-REST. To support the desired use, logic has been added to make the appropriate trim for scope in cache key generation in oauth2clientimpl.
INC-223222 · Issue 723635
Corrected apiContext when using bulkActions
Resolved in Pega Version 8.8
Row selections in the multi-selection table were intermittently not working after opening a table with bulk actions enabled. Investigation showed that opening a table with bulkActions enabled and then navigating to a table where bulk actions are not available but multi-select is enabled led to functions like setSelectedRows and getSelectedRows still being available in apiContext. This has been resolved by correcting apiContext when bulkActions is enabled.
INC-178148 · Issue 660925
Handling added for SSO servlet name
Resolved in Pega Version 8.6.2
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
INC-188405 · Issue 673065
Handling added for SSO servlet name
Resolved in Pega Version 8.6.2
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-C65438 · Issue 406709
Added SAML parameter page generation for local use to bypass null auth object
Resolved in Pega Version 8.2
After defining any step which used parameters in the Post authentication activity of a SAML authentication service, the authentication failed with a java.lang.NullPointerException at com.pega.pegarules.session.internal.mgmt.Executable.putParamValue(Executable.java:3030). This was traced to local logic inserted to iterate through the SAML attributes that used a null parameter page. To resolve this, code has been inserted that will generate a new parameter page for the iteration rather than getting it from the authentication object.
SR-C64783 · Issue 407087
Corrected handling for SAML logoff
Resolved in Pega Version 8.2
On SAML logoff, the error "There has been an issue; please consult your system administrator; Status:fail ... No certificate found in truststore" appeared. Investigation showed this was an issue with the aliasing of certificates and signing that led to the requestor not being terminated for that logoff response. To correct this, when Pega receives a logout request which is invalid, it will terminate the session instead of throwing a PRRunTimeException.
INC-174267 · Issue 669672
Wait action persists when using Urgency Adjustment
Resolved in Pega Version 8.6.2
When using the Urgency Adjustment (pyAdjustAssignmentsla standard local action), once a case reached the wait action and the goal and deadline were updated the previous pyWaitAction was not being stored. This has been resolved by ensuring the previous pyWaitAction will be stored and passed to the AddAssign activity.