INC-140224 · Issue 604003
Corrected SAML SSO error
Resolved in Pega Version 8.5.2
After opening a case from the Pega-FCM portal or after logging in from SSO, closing the Pega window and opening it again resulted in the error "Unable to process the SAML WebSSO request : Violation of PRIMARY KEY constraint %27pr_data_saml_requestor_PK%27. Cannot insert duplicate key in object". This was a missed use case that happens only under the old SAML configuration, and has been resolved by removing a when condition that checks for stepstatus fail for the pySAMLwebSSOAuthentication activity.
INC-188162 · Issue 673508
RSA-PSS signature support added for for SAML SSO
Resolved in Pega Version 8.6.3
The XML security jars have been updated to incorporate RSA-PSS signature algorithm support.
INC-182530 · Issue 695761
SAML datapages cleared before new authentication
Resolved in Pega Version 8.6.3
If a previous user had not logged out or timed out when using SAML authentication, a second person using the same device/browser would end up in the first user's session after performing their own authentication. Investigation showed the second login D_SAMLAssertionDataPage was not getting refreshed with the current user login details; this has been resolved by explicitly deleting the SAML Datapages before processing a new login if the session has not timed out.
INC-144566 · Issue 600856
User lookup list correctly populated when using # tag
Resolved in Pega Version 8.5.2
When typing '#ANewTag @' in Pulse, the user lookup list was not shown. Using '#ExistingTag @' worked as expected. This was a missed use case in work done to improve the performance of pzJquerymentionsInput by restricting REST calls, and has been resolved.
INC-195511 · Issue 693220
Check added for child join class when using ABAC
Resolved in Pega Version 8.6.3
When a join was applied on a report definition and the same join class had a child class to which ABAC was applied (for some property eg., isABC), an "invalidreference" exception (isABC) was generated. This was traced to the system taking into account the child class of the join class while running the report, and has been resolved by adding a check to handle this scenario.
INC-132191 · Issue 582550
Option added to return to same authenticationService after SAML logoff
Resolved in Pega Version 8.5.2
An enhancement has been added which provides a check box on the Authentication Service ruleform to select the option of redirecting users back to their original authentication service screen after logoff.
INC-138243 · Issue 584897
Performance improvement in When parsing
Resolved in Pega Version 8.5.2
After upgrade, performance issues were seen in the execution of rules with When conditions. This has been resolved by modifying the code to address some inefficiencies in the parsing method.
INC-192464 · Issue 681752
PackageComponent updated for use with repositories
Resolved in Pega Version 8.6.3
Exporting a zip file created by the Component wizard to a repository resulted in an error, however the same process worked as expected when the zip file was created by the Product wizard. Investigation showed that pxPackageComponent was not kept up to date with new metadata requirements for Artifactory export. This has been resolved by modifying pxPackageComponent step 7 to set Param.ArtifactType to "component" and Param.ArtifactName to [component name]_[component version]. A privilege check has also been added to zipMoveExport.
SR-D88451 · Issue 550848
Testcases are not available for 'access when' rules
Resolved in Pega Version 8.2.7
Attempting to create test cases for access when rules resulted in guardrail warnings about the need to create a test case. Because Test Cases are not available for the Access When rule type as per Pega expected behavior, the guardrail warnings are not valid and have been removed.
INC-196414 · Issue 684239
OAuth token refreshed when revoked on source
Resolved in Pega Version 8.6.3
When an OAuth token was used to authorize the APIs in the system, revoking the token at the source, i.e. from the Service side, did not automatically refresh the token and a logoff/logon was required before a fresh token was generated. This has been resolved by adding an update to explicitly purge revoked tokens.