SR-D43272 · Issue 516441
Local user lookup modifed to use requestor level data page to improve performance
Resolved in Pega Version 8.4
In a system with many users (over 40k), attempting to search for a user to send a private message was taking an excessive amount of time. Analysis found that all of the users were being loaded at once in a page list of type Code-Pega-List. This led to errors indicating the Page List property had more elements than the specified threshold, but pagination could not be added as the activity and RD are final. To improve performance, this process has been modified to use a data page at the requestor level instead.
SR- · Issue 402877
Merge Wizard errors fixed, and created rules will use the highest ruleset version available
Resolved in Pega Version 8.1.1
Code errors in the Merge Wizard that were causing Null Pointer Exception errors have been fixed, In addition, branch rule sets created through this wizard did not have the 'Application validation' option and rule set pre-requisite filled automatically; the system has been updated so the version prerequisite will be the highest existing ruleset version in the ruleset.
INC-173725 · Issue 656480
Logic updated for DX API retrieving View/Action ID using embedded property
Resolved in Pega Version 8.7
While calling the DX API using Assignment ID and action ID, a 500 error response was logged indicating that the server encountered an unexpected condition that prevented it from fulfilling the request. Investigation traced this to the logic used for resolving an embedded property referenced in a control/field to identify the correct page class. In a non-work object context for flow actions the new assign page doesn't exist, but the system was checking for it and clearing off errors from the named page. This has been corrected.
SR-D20075 · Issue 516574
DSS added to convert empty spaces for use between Old and New Assembler
Resolved in Pega Version 8.4
After switching to the Old Assembler (via the DSS switch UseOldAssembler=false), MQ Requests were failing. This was due to a difference in behavior with the Old and New Assembler: the Old assembler treated empty spaces as an empty string and did not pass them along. In this use case, the response of a prior MQ call was parsed with the appropriate number of spaces to a new request while expecting the characters to remain in that format. Since the Old Assembler was converting these to "", this caused a difference in behavior when switching between the two options. To correct this, a DSS has been added that will compensate for this behavior of removing the spaces for Parse XML rules. This new DSS must be set in conjunction with using switchToOldAssembler: set "SOAPConnectorPreserveWhiteSpaces" in "Pega-IntegrationEngine" to true. Once this is done, all Parse XML rules need to be reassembled by either saving each manually, or running the "Revalidate and Save" wizard off of the Designer Studio Menu > System > Release > Upgrade > Validate.
SR-D24318 · Issue 494060
Dom API updated to resolve Microsoft Internet Explorer 11 not loading async data with refresh when calling an activity
Resolved in Pega Version 8.4
The browser was continuously showing "loading" if Microsoft Internet Explorer 11 was used for a section which was sourced from a data page and configured to load the data asynchronously from a external service while calling an activity and using a 'refresh when' rule to refresh the section if a property changed. Investigation showed that the initial data load was successful and the section with the data was visible, but if the property changed and the section loaded once again due to the 'refresh when' condition, the browser was unable to render the defer loaded section case because the dom returned had the wrong value. To resolve this, the API used to check for the dom element has been updated.
SR-D51725 · Issue 516468
DSS added to rpevent logging of sensitive data used as input during async batch task processing
Resolved in Pega Version 8.4
When running Async Batch Task Processing, the whole set of inputs was logged when an error occurred during ADP load. Because this might result in sensitive data such as SSN, DOB, IDs, etc, being included in the debugging output, a DSS has now been added which when set will avoid printing any sensitive information in the log.
SR-D63232 · Issue 524295
Support added for Authentication service rule attributes in embedded pages
Resolved in Pega Version 8.4
SSO login was not working, giving the error "Unable to process the SAML WebSSO request : No value specified for Attribute in SAML assertion". Investigation showed the Authentication service rule could only map attributes that are on the top level page and did not consider embedded page values. To resolve this, tools.getProperty will be used to fetch the property reference value instead of find Page and getString.
INC-176274 · Issue 666390
Timeout check added to authorization to preserve portal context
Resolved in Pega Version 8.7
When using SAML SSO Authentication Service with "Use access group timeout" and "Redirect to IDP login after logout" selected and "Force authentication" not selected, manually logging out correctly returned the view to the custom SSO login page but the timeout logout returned the default Pega login page as if SSO was not in use. Analysis showed there was a "Failed to open portal" error after doing some action post timeout, and this was traced to pyPortal page not having a value. Investigation showed this was blank due to the creation of new thread while the requestor state was perceived as unauthenticated because of the timeout. To resolve this, a timeout check has been added to the following: Authorization#setActiveAccessGroup(java.lang.String, boolean, boolean, java.util.Map) BasicApplicationContextImmutableImpl#applyApplicationProperties
SR-D56409 · Issue 520743
URL Encryption and Obfuscation made compatible with site-minder
Resolved in Pega Version 8.4
Attempting to install a DL using Hfix Manager worked when not going through SSO but failed when using SSO. Investigation showed that this was due to the use of URLEncryption: URLEncryption uses a Pega-supplied base64 to encode the cipher text with MIME type encoding by default, which adds newline character after every 72 characters. This is not compatible with site-minder. which has policies to restrict newline characters in the URL. As a result, none of the encrypted requests were being processed. To resolve this, post-processing logic has been added to remove newline characters from encoded text. This change has also been applied top URLObfuscation.
SR-D28460 · Issue 509366
Added timeout handling for non-PRAuth servlets
Resolved in Pega Version 8.4
After logging in via external authentication service (SAML Single Sign On) and setting up a timeout in the access group RuleForm, when the user performed any action and the server identified the request to be timed-out, it was expected that a SAML request would be sent from the browser to the external Authentication Server (referred as IDP) and the flow would proceed from there. This worked as expected for a non-AJAX request. To resolve this, handling has been added for timeout when using non-PRAuth authentication services.