INC-188162 · Issue 673508
RSA-PSS signature support added for for SAML SSO
Resolved in Pega Version 8.6.3
The XML security jars have been updated to incorporate RSA-PSS signature algorithm support.
INC-160485 · Issue 655296
Trailing "/" added to public links for SSO use
Resolved in Pega Version 8.5.5
Links generated using pyWorkLinkWithLabel were not working with SSO due to not having a trailing "/" on the URL. This has been corrected by adding code to append the "/" if the public link url doesn't end with it.
INC-178148 · Issue 660926
Handling added for SSO servlet name
Resolved in Pega Version 8.5.5
After update, logging into an external site was not working correctly due to the SSO URL being appended with "/app/default". This has been resolved by updating the code to handle the servlet name properly.
SR-A2424 · Issue 205812
Latency resolved for sites with repeated SAML authentication requests
Resolved in Pega Version 7.1.9
In an installation using SAML SSO for authentication, repeatedly initiating SAML IDP requests were eventually causing poor system performance. To resolve this, support has been added to disable replay cache handling during SSO login via a DSS.
INC-174267 · Issue 657129
Wait action persists when using Urgency Adjustment
Resolved in Pega Version 8.5.5
When using the Urgency Adjustment (pyAdjustAssignmentsla standard local action), once a case reached the wait action and the goal and deadline were updated the previous pyWaitAction was not being stored. This has been resolved by ensuring the previous pyWaitAction will be stored and passed to the AddAssign activity.
SR-A3897 · Issue 209254
Resolved authentication requirements in activity pzSetQueryDefaults for SSO setup
Resolved in Pega Version 7.1.9
Code-Security.InitialProfileSetup does not need authentication to run, but during the SSO login it calls Code-Pega-Requestor.pzSetQueryDefaults which was hard-coded to require authentication. This was an error, and the SetQueryDefaults activity no longer requires authentication.
INC-182530 · Issue 695761
SAML datapages cleared before new authentication
Resolved in Pega Version 8.6.3
If a previous user had not logged out or timed out when using SAML authentication, a second person using the same device/browser would end up in the first user's session after performing their own authentication. Investigation showed the second login D_SAMLAssertionDataPage was not getting refreshed with the current user login details; this has been resolved by explicitly deleting the SAML Datapages before processing a new login if the session has not timed out.
INC-195511 · Issue 693220
Check added for child join class when using ABAC
Resolved in Pega Version 8.6.3
When a join was applied on a report definition and the same join class had a child class to which ABAC was applied (for some property eg., isABC), an "invalidreference" exception (isABC) was generated. This was traced to the system taking into account the child class of the join class while running the report, and has been resolved by adding a check to handle this scenario.
SR-A692 · Issue 205611
Resolved duplicate portal open when using Microsoft Internet Explorer 11
Resolved in Pega Version 7.1.9
When using Microsoft Internet Explorer 11, trying to access the My Group tab in the links 'Manage Operator Schedules and Profiles' was not displaying the screen correctly on click of any operator or workbasket and an extra portal window was opened. This was a browser-specific dynamic container issue where the lack of an explicit type=button declaration was causing a form submit that triggered a main page refresh. That declaration has been added.
INC-192464 · Issue 681752
PackageComponent updated for use with repositories
Resolved in Pega Version 8.6.3
Exporting a zip file created by the Component wizard to a repository resulted in an error, however the same process worked as expected when the zip file was created by the Product wizard. Investigation showed that pxPackageComponent was not kept up to date with new metadata requirements for Artifactory export. This has been resolved by modifying pxPackageComponent step 7 to set Param.ArtifactType to "component" and Param.ArtifactName to [component name]_[component version]. A privilege check has also been added to zipMoveExport.