SR- · Issue 402877
Merge Wizard errors fixed, and created rules will use the highest ruleset version available
Resolved in Pega Version 8.1.1
Code errors in the Merge Wizard that were causing Null Pointer Exception errors have been fixed, In addition, branch rule sets created through this wizard did not have the 'Application validation' option and rule set pre-requisite filled automatically; the system has been updated so the version prerequisite will be the highest existing ruleset version in the ruleset.
SR-A101242 · Issue 270252
STS Policy parsing fixed for Apache Rampart
Resolved in Pega Version 7.2.2
Changes to the Apache Rampart code in Pega 7 introduced an error with parsing the the Web-Service-Policy with a PRCustom activity that writes the SAML token to the requestor during login with an STS / SSO context. This has been rectified by creating an object of com.pega.apache.ws.secpolicy.model.HttpsToken class and setting values based on the parameters set in the received policy assertion.
INC-151253 · Issue 607624
Hash comparisons adjusted for upgraded sites
Resolved in Pega Version 8.5.2
Existing Pega Diagnostic Cloud SSO URLs were not working after upgrade. This was traced to the previous tenant hash (or AG hash) having padding characters like ‘(’ which are no longer used in higher versions. This caused the tenant hash comparison during the SAML login flow to fail. To resolve this, the system will not compare an incoming tenant hash (in relay state) with a current platform tenant hash, but instead will rely on the “/!” pattern to identify the tenant hash in the relay state.
SR-C46537 · Issue 402866
Code added to format location header for redirect response in IE
Resolved in Pega Version 8.1.1
When using Internet Explorer, authentication was working but the portal did not load. This was traced to IE mandating the presence of a location header in the response: an HTTP 303 "See Other Response" was being returned along with the initial portal HTML payload, but recent modifications to SAML 2.0 to use the PRAuth Servlet were missing this specific redirect case. To resolve this, generic code has been inserted that adds the location header in all redirect cases.
INC-130703 · Issue 597255
Operator provisioning on authentication service corrected
Resolved in Pega Version 8.5.2
When operator provisioning was triggered on user login via authentication service, the error "ModelOperatorName is not valid. Reason: declare page parameters not supported by PropertyReference" was generated. This was traced to optimization work that had been done on the expression evaluation for operator identification, and has been resolved by adding the required GRS Syntax support in the Operator Provisioning section in SAML and OIDC.
SR-C46793 · Issue 402870
Fixed single logout for Mashup applications and updated logging for pzAuthServiceSelector
Resolved in Pega Version 8.1.1
When the GOC (Global Operations Console) application was added as a mashup application to MSP (My Support Portal), logging off from MSP showed the GOC session in a disconnected state despite them using the same SSO application service. The issue was traced to homeurl not being stored properly in mashup use cases, and has been resolved by getting the property homeurl from pxRequestor page instead of pxThread page. In addition, the pzAuthServiceSelector activity was including an 'infoForced' log message. Although the redirect URI does not contain any confidential information, the 'state' parameter should not be visible in logs. This has been handled by changing oLog.infoForced to oLog.debug().
SR-A24408 · Issue 248682
Page clearing added for AuthReqContex
Resolved in Pega Version 7.2.2
The page "AuthReqContex" was loaded up during SAML authentication and then passivated, but the pages were retained in the clipboard and improperly activated by an unknown thread, causing an error. This has been resolved by adding Page-Remove steps wherever needed in auth activity and logout activity (AuthReqContext, LoginInfo, ReqInfo, RelayStateInfo, and SessionInfo) to remove the pages that are no longer needed.
SR-A94633 · Issue 261954
Mouse clicks work on touchscreen/mouse combo devices
Resolved in Pega Version 7.2.2
When using Google Chrome with a touchscreen and mouse combination, some click events such as Calendar date picker were not working when using the mouse. This was due to MenuSystem not using the generic isTouchable API, and this has been updated.
INC-154205 · Issue 618735
Corrected wrap text for Cosmos radio buttons
Resolved in Pega Version 8.4.4
When using Cosmos, radio buttons with large labels were displayed with the text overlapping even when wrap text was enabled and the radio button placement was incorrect. This was traced to a height of 32px being set as the default, overriding the wrap text setting, and has been resolved by adding CSS to set the height as auto when wrap text on radio label is used.
SR-A93912 · Issue 261494
SSLUtils modified to support app container keystore/truststore
Resolved in Pega Version 7.2.2
Keystore and truststore configured at application container level were not being used by SOAP Connectors. To facilitate use, when SSL settings are not provided at a rule level SSLUtils will create a wrapper around the Java default SSL artifact and use that.