SR-D54594 · Issue 521633
Enhancement added to customize the clearing of error messages when performing modal actions
Resolved in Pega Version 8.1.8
Opening any modal dialog, for example adding a row in Table/Grid layout, cleared any existing validation error messages on UI screen. In order to make this behavior customizable, a flag has been introduced to control the clearing of error messages from primary pages on grid actions. Updates have been made in the ui_grid, ui_grid_dragdrop and ui_repeatlayout JS files to include this flag in activity parameters and the pzdoGridAction activity has been modified to consider the flag.
INC-224954 · Issue 727045
Enabled turning off general metrics when queue processing metrics are disabled
Resolved in Pega Version 8.8
A memory leak related to QPGeneralMetrics was consuming heap and causing performance issues. Investigation showed queue processor metrics were gathered even when disabled. To resolve this, turning off "General Metrics Handler" while turning off the QPGeneralMetrics has been enabled. Queue processors should now skip the process of collecting general metrics while running activities. This will prevent storing unused (and uncleared) metrics in memory and prevent heap exhaustion.
INC-218001 · Issue 719920
Error text revised for parameterized data page used for token generation
Resolved in Pega Version 8.8
While trying to add a claim in the header of a Token Generation Profile instance, selecting Map From as "Clipboard" and trying to give any DataPage(parameterized) as the source property failed to be saved and the error "JWS Alias— Please provide correct algorithm key with correct key length." appeared. Changing the "Map From" to a Constant and giving a dummy value worked as expected. Tracer showed the error "declare page parameters not supported by PropertyReference", indicating the actual issue: at this time, the Token profile does not support using a parameterized data page. This has been addressed by ensuring an appropriate error message is shown on save of the token profile rule form when a parameterized data page reference is configured. The error will now read "The reference D_pzPreferenceStore[PreferenceOperatorID:"[email protected]"].pxObjClass is not valid. Reason: Parameterized data page reference is not supported." Support for a parameterized data page used with Map From will be taken as an enhancement for a future release.
INC-220663 · Issue 724471
BIX -J usage for DST can be used in Pega 7 mode
Resolved in Pega Version 8.8
After upgrade, there was a difference in the handling for a time zone with DST when executing a BIX extraction rule through command line arguments like -J with short form. In Pega 8.5+, -J CST6CDT always displays Date time to CDT; In Pega 7, -J CST6CDT displays Data Time based on CST or CDT (i.e. before daylight savings or not). This was due to changes made to set the time zone to address a different issue. While there is a workaround of using -J America/Los_Angeles, modifications have been made to support DST in the PEGA 7 format while running the BIX extraction rule from command line or with a "pxExtractDataWithArgs" activity with "-J" option.
INC-217974 · Issue 715428
Handling added BIX extraction failure when called from custom activity
Resolved in Pega Version 8.8
After update, BIX extraction was failing but email from the schedulers indicated success. Investigation showed that when extract was called from a custom activity by calling pxExtractDataWithArgs, the stepStatusFail 'when' rule in the custom activity was not capturing all the exceptions specific to database extracts. This has been resolved by adding the necessary handling.
INC-215343 · Issue 711143
Security updates
Resolved in Pega Version 8.8
Security updates have been made relating to rulesets using allow lists, checks for Java code injections, SAML-based SSO code, and supporting SFTP as part of the validation in the pxValidateURL rule.
INC-214974 · Issue 721179
Documentation updated for accessing D_pyUserInfoClaims
Resolved in Pega Version 8.8
When logging in using Org Credentials, trying to get the user details from D_pyUserInfoClaims did not return any information. This was due to the D_pyUserInfoClaims datapage being available only after authentication, so the claims information was not available during operator provisioning. The documentation located at https://docs.pega.com/security/88/mapping-operator-information-openid-connect-sso-authentication-service has been updated to include the following note: "This page becomes available and can only be accessed post authentication."
INC-211426 · Issue 706059
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.8
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.
INC-216053 · Issue 716445
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.8
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.
SR-D45608 · Issue 519902
Correct service instance name passed for data flow in DSMStatus
Resolved in Pega Version 8.1.8
When using the Connect-HTTP service "DSMStatus" to provide the node and status information as seen on the various tabs of the Designer Studio > Decisioning > Infrastructure > Services landing page, using DataFlow as the service parameter for the HTTP service method resulted in an empty response when the expectation was to get the information regarding the cluster details of Dataflow node type. This was traced to the service instance name not being parsed correctly when used for Data Flow services, and has been resolved by ensuring the correct service instance name is passed for this use.