SR-A101242 · Issue 270252
STS Policy parsing fixed for Apache Rampart
Resolved in Pega Version 7.2.2
Changes to the Apache Rampart code in Pega 7 introduced an error with parsing the the Web-Service-Policy with a PRCustom activity that writes the SAML token to the requestor during login with an STS / SSO context. This has been rectified by creating an object of com.pega.apache.ws.secpolicy.model.HttpsToken class and setting values based on the parameters set in the received policy assertion.
SR-A24408 · Issue 248682
Page clearing added for AuthReqContex
Resolved in Pega Version 7.2.2
The page "AuthReqContex" was loaded up during SAML authentication and then passivated, but the pages were retained in the clipboard and improperly activated by an unknown thread, causing an error. This has been resolved by adding Page-Remove steps wherever needed in auth activity and logout activity (AuthReqContext, LoginInfo, ReqInfo, RelayStateInfo, and SessionInfo) to remove the pages that are no longer needed.
INC-211426 · Issue 706060
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.7.2
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.
INC-216053 · Issue 716444
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.7.2
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.
SR-A94633 · Issue 261954
Mouse clicks work on touchscreen/mouse combo devices
Resolved in Pega Version 7.2.2
When using Google Chrome with a touchscreen and mouse combination, some click events such as Calendar date picker were not working when using the mouse. This was due to MenuSystem not using the generic isTouchable API, and this has been updated.
SR-A93912 · Issue 261494
SSLUtils modified to support app container keystore/truststore
Resolved in Pega Version 7.2.2
Keystore and truststore configured at application container level were not being used by SOAP Connectors. To facilitate use, when SSL settings are not provided at a rule level SSLUtils will create a wrapper around the Java default SSL artifact and use that.
SR-A93912 · Issue 264848
SSLUtils modified to support app container keystore/truststore
Resolved in Pega Version 7.2.2
Keystore and truststore configured at application container level were not being used by SOAP Connectors. To facilitate use, when SSL settings are not provided at a rule level SSLUtils will create a wrapper around the Java default SSL artifact and use that.
SR-A93593 · Issue 260733
Cross Origin mashup request fixed for Microsoft Internet Explorer /Safari
Resolved in Pega Version 7.2.2
When the mashup code hosted in domain1 was trying to access the PRPC content hosted in domain2, it failed when using Microsoft Internet Explorer and Safari but worked in Google Chrome. For a HTTP request whose response status is 303, the response headers given using Dynamic system setting "http/responseHeaders" were not being sent. This has been corrected.
SR-A92015 · Issue 260437
MobileSnapStart portal works with OpenWork
Resolved in Pega Version 7.2.2
When using pyMobileSnapStart and openWorkByHandle, the portal was displaying along with the case. However, any portal action that went through OnDesktopAction failed even though actions within the case were working. This was an issue with Portal actions not working when using openWork, and has been fixed with an added null check for docsRecreateInfo in dynamiccontainer_lite js to handle pyMobileSnapStart cases.
INC-215582 · Issue 712285
Cosmos calendar icon handles allow entry set to no
Resolved in Pega Version 8.7.2
When using the Cosmos theme, the Calendar icon became disrupted when "allow text entry" option was set to "no". This has been resolved.