SR-C51744 · Issue 406708
Corrected SAML SSO logout error
Resolved in Pega Version 8.2
When performing a SAML SSO Logout, an error appeared indicating some artifacts were missing. This was traced to an incorrect NameQualifier being generated with IDP in the logoff request, and has been fixed by modifying the code to include an SPNameQualifier attribute for the NameID element in the logout request. Namespace has been added for logout requests at the parent level instead adding it at each node element.
SR-C70146 · Issue 407966
Corrected SAML SSO logout error
Resolved in Pega Version 8.2
When performing a SAML SSO Logout, an error appeared indicating some artifacts were missing. This was traced to an incorrect NameQualifier being generated with IDP in the logoff request, and has been fixed by modifying the code to include an SPNameQualifier attribute for the NameID element in the logout request. Namespace has been added for logout requests at the parent level instead adding it at each node element.
INC-178148 · Issue 660925
Handling added for SSO servlet name
Resolved in Pega Version 8.6.2
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
INC-188405 · Issue 673065
Handling added for SSO servlet name
Resolved in Pega Version 8.6.2
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-C65438 · Issue 406709
Added SAML parameter page generation for local use to bypass null auth object
Resolved in Pega Version 8.2
After defining any step which used parameters in the Post authentication activity of a SAML authentication service, the authentication failed with a java.lang.NullPointerException at com.pega.pegarules.session.internal.mgmt.Executable.putParamValue(Executable.java:3030). This was traced to local logic inserted to iterate through the SAML attributes that used a null parameter page. To resolve this, code has been inserted that will generate a new parameter page for the iteration rather than getting it from the authentication object.
SR-B37819 · Issue 296299
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B43950 · Issue 300643
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-B43950 · Issue 301551
SAML SessionInfo cleanup enhanced
Resolved in Pega Version 7.3
The following SAML issues have been corrected: 1) when IDP logout URL was empty, SAMLSingleLogOff activity generated an exception; 2) the SAML Session info record was not deleted during logout process even when given a valid IDP logout URL; 3) the SAML session info record was not deleted for both SP and IDP initiated logouts.
SR-C64783 · Issue 407087
Corrected handling for SAML logoff
Resolved in Pega Version 8.2
On SAML logoff, the error "There has been an issue; please consult your system administrator; Status:fail ... No certificate found in truststore" appeared. Investigation showed this was an issue with the aliasing of certificates and signing that led to the requestor not being terminated for that logoff response. To correct this, when Pega receives a logout request which is invalid, it will terminate the session instead of throwing a PRRunTimeException.
INC-174267 · Issue 669672
Wait action persists when using Urgency Adjustment
Resolved in Pega Version 8.6.2
When using the Urgency Adjustment (pyAdjustAssignmentsla standard local action), once a case reached the wait action and the goal and deadline were updated the previous pyWaitAction was not being stored. This has been resolved by ensuring the previous pyWaitAction will be stored and passed to the AddAssign activity.