INC-181941 · Issue 664808
Handling added for using virtual network interface for Stream Services startup
Resolved in Pega Version 8.7
After update, the restart of any node failed with the error "Unable to create DSM service DATA-DECISION-SERVICE-STREAMSERVER DEFAULT". This has been resolved by adding support for allowing stream service to start on the virtual network interface in cases where it was explicitly configured via the "cluster/hazelcast/interface".
INC-181941 · Issue 664807
Handling added for using virtual network interface for Stream Services startup
Resolved in Pega Version 8.6.3
After update, the restart of any node failed with the error "Unable to create DSM service DATA-DECISION-SERVICE-STREAMSERVER DEFAULT". This has been resolved by adding support for allowing stream service to start on the virtual network interface in cases where it was explicitly configured via the "cluster/hazelcast/interface".
SR-D76492 · Issue 549970
Added check for test case creation when Cross-site scripting security enabled
Resolved in Pega Version 8.4.2
Test case creation was failing. Investigation showed that when the "Cross-Site Request Forgery" security setting was enabled, the CSRF token and Browser fingerprint were not included in AJAX calls, and the Ruleinskey was not getting passed. This has been resolved by adding a check to evaluate whether security measures are included or not when making a server call from AJAX, and including the tokens required when appropriate.
INC-173725 · Issue 656480
Logic updated for DX API retrieving View/Action ID using embedded property
Resolved in Pega Version 8.7
While calling the DX API using Assignment ID and action ID, a 500 error response was logged indicating that the server encountered an unexpected condition that prevented it from fulfilling the request. Investigation traced this to the logic used for resolving an embedded property referenced in a control/field to identify the correct page class. In a non-work object context for flow actions the new assign page doesn't exist, but the system was checking for it and clearing off errors from the named page. This has been corrected.
INC-127804 · Issue 566400
DASS switch added for use with older Connect Rest passing encoded inputs
Resolved in Pega Version 8.4.2
As of Pega 8.2, an EmbedURL configuration in the REST connector was made available to provide flexibility to choose URL-encoding on an as-needed basis. In order to support connectors created prior to Pega 8.2, a configuration has been added to support usecases that pass encoded inputs to the connector execution. This is available by way of a connect/DisablePathDecoding DASS switch in the REST connector resource path parameters handling.
INC-176274 · Issue 666390
Timeout check added to authorization to preserve portal context
Resolved in Pega Version 8.7
When using SAML SSO Authentication Service with "Use access group timeout" and "Redirect to IDP login after logout" selected and "Force authentication" not selected, manually logging out correctly returned the view to the custom SSO login page but the timeout logout returned the default Pega login page as if SSO was not in use. Analysis showed there was a "Failed to open portal" error after doing some action post timeout, and this was traced to pyPortal page not having a value. Investigation showed this was blank due to the creation of new thread while the requestor state was perceived as unauthenticated because of the timeout. To resolve this, a timeout check has been added to the following: Authorization#setActiveAccessGroup(java.lang.String, boolean, boolean, java.util.Map) BasicApplicationContextImmutableImpl#applyApplicationProperties
INC-204045 · Issue 694323
Signature map updated for fetching keys
Resolved in Pega Version 8.6.3
MFA login worked with SAML 2.0 when the certificate was disabled but failed when the certificate was enabled in Auth Service. The error " "Signature algorithm is null" appeared. This has been resolved by updating the signature map to ignore case sensitivity while fetching keys.
INC-157095 · Issue 638808
Enhancement added for tenant-level authentication
Resolved in Pega Version 8.7
In a multi-tenant PDC with a few tenants that utilize their own custom SSO, a pre-authentication activity inside a tenant that should block community access was also affecting tenants that did not have that pre-auth activity set. This was a missed use case and has been resolved by adding a tenantId hash in SchemePRAuth.makeUniqueSchemeName() to create the authServiceName.
INC-177737 · Issue 663141
Authentication requirement updated for CallConnector
Resolved in Pega Version 8.7
After update, invoking a REST API call during SSO login which eventually called pxCallConnector (Final Activity) in @baseclass Pega-RulesEngine failed at the CallConnector step. This was caused by a change in recent Pega versions which enabled authentication for this activity, and has been resolved by marking the activity as internal and disabling the authentication requirement.
INC-200218 · Issue 692432
Added handling for calling truncate with external Cassandra
Resolved in Pega Version 8.6.3
A JMX exception was generated when using external Cassandra. This was traced to the combination of calling truncate and using external Cassandra for DDS, and has been resolved by adding a 'do not execute' consistency check during a truncate operation when using external Cassandra.