INC-154627 · Issue 619571
Re-enabled users are able to log in
Resolved in Pega Version 8.5.3
When disabled operators were re-enabled through operator management, the forced password change on next login was manually unchecked but the operators were unable to login because the change password screen was displayed without any password entry fields. This was a missed use case for handling the change password flag on a requestor , and has been resolved by having the system skip setting the change password on next login flag for disabled users.
INC-155276 · Issue 626619
Null check added for step page
Resolved in Pega Version 8.5.3
After creating and adding new Access Roles and application 'Access When' to the privileges instead of Production level, during run time the error "runtime.IndeterminateConditionalException: Trying to evaluate Rule-Access-When conditions L:IsProdAccess when there is no page to evaluate them against" appeared for the specific privileges. This was traced to a missed use case where the system falls back to the step page if the page for evaluating the 'when' condition is null, which did not account for scenarios where the step page can be null. To resolve this, a null check has been added which will fetch the primary page if the step page for the access 'when' condition is null.
INC-155813 · Issue 629506
SAML SSO redirects to correct URL when application and authentication aliases match
Resolved in Pega Version 8.5.3
Whenever there was a match in the authentication service alias and the application alias, the application alias was replaced with empty after logoff instead of making the authentication service alias empty. For example, given an authentication service with the alias XYZ ("login with XYZ" alias option) and an application name XYZMyOps, the application alias was being changed from XYZMyOps to appMyOps after logoff. As a result, a blue screen error resulted when clicking on button "login with XYZ" again because it redirected to appMyOps, which didn't exist. This has been resolved by removing authservicealias and modifying AuthServiceAliasHelper.adjustPathIfAuthServiceAliasPresent() to change the method for calculating the pathinfo to string tokenizing
INC-156128 · Issue 620484
Added mail/telephone link to allowed CSP child frame
Resolved in Pega Version 8.5.3
After upgrade from v8.3 to v8.5, clicking on the mail / telephone link in the out of the box case participants gadget generated the Content Security Policy error "This content is blocked. Contact the site owner to fix the issue." Examination of the browser dev-tools console indicated the object refused to frame because it violated the Content Security Policy directive: "frame-src *". This behavior was specific to the Google Chrome browser, and has been resolved by adding code so the mailto: and tel: will be added to the frame-src when Data is selected under Child Frame-Source option. Unchecking the Data checkbox for Child Frame-Source on the policy landing page will remove these from allowed actions under CSP.
INC-156647 · Issue 626295
Improved disconnected requestor cleanup for FieldService
Resolved in Pega Version 8.5.3
A large number of requestors from FieldService with the status as 'Disconnected' were accumulating and causing performance issues. This was traced to the requestors not getting passivated due to users not logging out and new requestors being created for the same users next time, and was caused by the value of the DSS Initialization/PersistRequestor being set as "OnTimeout". When the DSS prconfig/timeout/browser/default is not configured, the default browser requestor timeout is 60 minutes. In this scenario, requestors were not passivating as the requestor passivation timeout was set to the refresh token lifetime for mobile users, which was very large and overwrote the DSS value. This has been resolved by removing the code which set the passivation timeout to the OAuth2 refresh token lifetime.
INC-160024 · Issue 625832
Deprecated authentication methods removed
Resolved in Pega Version 8.5.3
After upgrade, attempting to trigger the Pega hosted API externally through Post Man resulted in the exception "The method getAuthenticationService() is undefined for the type OAuth2AccessTokenValidation". This was traced to the use of references to the methods getAuthenticationService() and getAuthenticationServiceType(), which are not in use from v8.5 onwards in pzOAuth2AuthenticationActivity and have now been removed. For OAuth2 authentication, the service package should use authentication type as OAuth2; the system will then take care of validating the token and establishing the operator context.
INC-184040 · Issue 688255
Improved accessibility for Disclosable Documents/attach files/auto selection dropdowns
Resolved in Pega Version 8.6.4
When using Dragon for accessibility, issues were seen when trying to select different options in the dropdowns related to attaching multiple files. This was caused by the legacy grids being used not supporting this type of accessibility functionality, and has been resolved by updating pzAttachFileDDFileList to use an optimized table instead.
INC-187350 · Issue 703198
UUID added to iOS direct photo upload to differentiate filename
Resolved in Pega Version 8.6.4
When "Content Storage" with the option "Store in repository" was enabled on the "Integration" tab in the Application definition, it was not possible to add more that two attachments to a case with an iPhone when directly capturing a photo through the camera app instead of uploading the photo as an attachment using the gallery. When using the default "Store in Pega database", the additional photos could be uploaded directly from an iOS camera without any errors. Investigation showed that when "Store in repository" was enabled, a file name conflict check was done in the repository. Because the iOS camera app saves/uploads every image as "image.jpg", this caused the error when checking for a filename conflict in the repository. This has been resolved by adding code to append a UUID to the attachname when the device is mobile and browser is Apple Safari.
INC-192673 · Issue 689554
Tab highlighting updated
Resolved in Pega Version 8.6.4
Not all elements were indicated with yellow highlighting when tabbing through the screen. This has been resolved.
INC-194180 · Issue 704638
GetChildcases handling updated for large numbers of cases
Resolved in Pega Version 8.6.4
When a very high number of child cases being processed contained a wait shape that was dependent on the movement of a parent case, some of the cases were moved to the next step of the flow automatically while others required a manual command to ResumeFlow. In extreme cases where many child cases were waiting, a node crash could occur. This was traced to the pzGetChildcases report having a maximum value of 500 lines, and has been resolved by increasing the maximum number of rows to retrieve to 9999 in the Data Access Tab of the pzGetChildCases report definition. In addition, the pxCheckFlowDependencies activity has been modified to perform with a higher number of cases, and DSS(MaxRecords) logic has been added to split the child cases into multiple queue items for each access group to decrease load on each thread process.