SR-D75498 · Issue 545069
Resolved null-pointer exception for Token based Authenticated Rest
Resolved in Pega Version 8.2.6
When logging in with auth0 OIDC auth service and then trying to use connect-Rest with an authentication profile using an auth0 provider, a null pointer error was generated indicating connect-Rest could not find the Access token. Even thought the Authentication service (OIDC) and authentication profile (authorization grant) both had the same scopes (“openid profile email”), OIDC flow and authentication profile save the Access Token with different scopes. Specifically, OIDC saves the token with an extra trailing space. Handling has been added to correct this.
SR-D76409 · Issue 540300
Cleanup added for staging directory
Resolved in Pega Version 8.2.6
Temporary files from imports and exports (from DevOps) were filling up the staging area disk space because there was no automatic process for cleaning up these local files. This has been resolved by adding an enhancement that will clear the directory on Engine Startup and any time ParUtils.setStagingDirectory gets called to initialize the staging directory.
SR-D76567 · Issue 545448
ABAC DSS setting reflected in all nodes
Resolved in Pega Version 8.2.6
When the ABAC (Attribute-based access control) DSS was disabled, the change was not reflected in all the nodes automatically. This was traced to a difference in parameter name: SecurityCacheProvider.pulseChange(), while consuming pulse message on another node, expects to get ".pyPurpose" from the StringMap. Because the system was setting "pyPurpose", aKeys.get(".pyPurpose") returned nothing, and the policy cache iwa not cleared on other nodes. This has been resolved by ensuring naming consistency with "pyPurpose".
SR-D78045 · Issue 539891
Cleanup added for staging directory
Resolved in Pega Version 8.2.6
Temporary files from imports and exports (from DevOps) were filling up the staging area disk space because there was no automatic process for cleaning up these local files. This has been resolved by adding an enhancement that will clear the directory on Engine Startup and any time ParUtils.setStagingDirectory gets called to initialize the staging directory.
SR-D78987 · Issue 544061
Support for custom jvm.args added
Resolved in Pega Version 8.2.6
In order to support Oracle PKI and other ticket based authentication, support has been added for custom jvm.args properties to setupDatabase and prpcUtils properties files.
SR-D79178 · Issue 543312
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.2.6
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings in the CSRF LP (DevStudio-> System-> Setting-> CrossSiteRequestForgery) which will enforce HTTPS for the Pega server and mashup. Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For mashups to work, SameSite should be set as None. To follow proper security standards, it should be set as Strict.
SR-D83053 · Issue 544268
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.2.6
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings in the CSRF LP (DevStudio-> System-> Setting-> CrossSiteRequestForgery) which will enforce HTTPS for the Pega server and mashup. Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For mashups to work, SameSite should be set as None. To follow proper security standards, it should be set as Strict.
SR-D83192 · Issue 545057
JobScheduler DST handling updated
Resolved in Pega Version 8.2.6
When the locale being used changed out of Daylight Savings Time, scheduled jobs did run at the same local time as before but instead ran an hour earlier than expected. Investigation showed that jobscheduler calculated the next runtime based on the time difference from the cluster reference time and current time in milliseconds, and this offset in milliseconds was added to next run time. Since the cluster was started in DST, the job was running on same time due to the time difference. To resolve this, the system will use a calculation offset and set hours/minutes to nextRunTime object so that calendar lib handles daylight savings.
SR-D34359 · Issue 510600
StretchTabsWidth performance improvements
Resolved in Pega Version 8.2.6
Slowness was seen when a new intent task was created through an interaction. To improve performance, some of the unnecessary calls to the Layout Group _updateStretchTabsWidth() function have been eliminated, and the function code has been updated to use native javascript performant helper functions so it starts rendering sooner. A flag has also been added to disable addnewtab and resizeactions: these need to be enabled through pega.u.d.DISABLE_LG_RESIZE and pega.u.d.DISABLE_ADDNEWTAB.
SR-D35956 · Issue 521642
Handling enhanced for invalid date values in date/time
Resolved in Pega Version 8.2.6
Refreshing a section or entering an invalid date was causing the date/time to be reset to the current date. This has been resolved by modifying the logic and adding conditional checks in 'pzpega_ui_formatDateTime.js'.