SR-D75498 · Issue 545068
Resolved null-pointer exception for Token based Authenticated Rest
Resolved in Pega Version 8.3.3
When logging in with auth0 OIDC auth service and then trying to use connect-Rest with an authentication profile using an auth0 provider, a null pointer error was generated indicating connect-Rest could not find the Access token. Even thought the Authentication service (OIDC) and authentication profile (authorization grant) both had the same scopes (“openid profile email”), OIDC flow and authentication profile save the Access Token with different scopes. Specifically, OIDC saves the token with an extra trailing space. Handling has been added to correct this.
SR-D92837 · Issue 551004
SameSite cookie setting updated for pre-authentication
Resolved in Pega Version 8.3.3
In work done in previous versions to modify the SameSite cookie handling to support Mashups in Google Chrome v80+, SameSite was set to None only in case of an authenticated Pega-RULES cookie and not for a Pre-authenticated cookie. That caused the Samesite value to not be set when using a pre-authenticated cookie, and the blank value was treated as 'Lax', causing a login challenge. To resolve this, Samesite will be set to 'None' when using pre-authenticated cookie, which will match the way it is being set in authenticated cookie.
SR-D90452 · Issue 551808
SSOPreAuthenticationActivity runs until success
Resolved in Pega Version 8.3.3
When a user visited a public-facing application via a Single Sign-On (SSO) URL that redirected to SAML IDP for authentication, the first time the URL was hit the system correctly executed pySSOPreAuthenticationActivity as part of pre-authentication to determine if authentication is possible/allowed. If the pySSOPreAuthenticationActivity set the pyAuthenticationPolicyResult to 'false', authentication was not allowed: the user was not redirected to the IDP and an error message was shown. However, if the same URL is hit again after that rejection without any changes, the user was redirected to the IDP for authentication because the preauthentication activity was not run again. This has been resolved by updating the system to continue to call the pre-authentication activity for the SSO URL until a success status is returned by the activity.
INC-161463 · Issue 638003
Case Dependency corrected for different access groups
Resolved in Pega Version 8.7
Creating a queue item as part of the case dependency was not working as expected when the access groups of the dependent cases were different. Investigation showed that in this scenario, the logic was looping differently and the DependencyList page in pxCheckFlowDependencies was getting removed. To resolve this, the DependencyList page has been moved so it is processed inside the DependencyList.pxResults loop.
INC-161948 · Issue 638963
Locking settings enabled for circumstanced case types
Resolved in Pega Version 8.7
Optimistic locking options were not present for a circumstanced case type, and the option to select the "Lock parent case when an action is performed on this case" check box was not available. However, when the parent case type was enabled with optimistic locking, a circumstanced child case could inherit a lock from its parent. Because "Lock parent case when an action is performed on this case" was not enabled on the circumstanced child case type, trying to update the parent case from the child case and save the parent case resulted in a "Lock not held on parent" error. This was a missed use case, and has been resolved by enabling locking settings in Case Designer for circumstanced case types.
INC-162168 · Issue 644731
Refresh works for nested lists
Resolved in Pega Version 8.7
After creating Pagelist A with another Pagelist within (B), a section was created with a repeating dynamic layout to display Pagelist A and a button was added with action set to refresh this section. In the embedded section of the repeating dynamic layout, a nested repeating dynamic layout was created for Pagelist B and a button was set to refresh this section. When using this configuration, the refresh was returning the actionID for Pagelist A regardless of which button was used. To resolve this, an update has been made which will iterate over the stack and append the individual indexes to the encoded value in the pzAPICreateJsonForField function.
INC-162763 · Issue 646109
Case creation and Save As performance improvements
Resolved in Pega Version 8.7
Performance improvements have been made to the getApplicationRuleSetList() function to avoid unnecessary and repetitive database calls.
INC-163154 · Issue 638100
Code updated for bulk actions buttons
Resolved in Pega Version 8.7
After upgrade, hovering over the "Filter case" button in pzBullkUpdate and the "Create" and "Clear" buttons in pzBulkAddActions caused them to disappear. The warning "This button generates markup that was used to support the older browsers. It is recommended that you update it to the newer markup" was shown, and an update code button appeared. Some custom rules exhibited the same behavior initially, but worked as expected after updating the code and saving them. This has been resolved by updating the buttons in pzBulkUpdate and pzAddBulkActions with the latest UI technologies used for button control codes.
INC-168368 · Issue 651081
Correct flow actions loaded in multi-thread portal refresh
Resolved in Pega Version 8.7
The member authentication screen was displaying an incorrect flow action on doing browser refresh after creating a new interaction. Refresh is a special case where the parameter retention is different across single-threaded & multi-threaded portals alongside the execution order of activities. In this case, this inconsistency occurred in a multi-threaded portal when newAssignPage had the information to load the proper assignment but the parameter indicated an old index. This has been resolved by adding 'when' conditions to to populate and pass the correct references and labels and to honor the Param.TaskIndex set and sent by UI activities so it's retained in case of multi-thread portals.
INC-170041 · Issue 655251
Check and error message added for filename containing "%00"
Resolved in Pega Version 8.7
At the time of file attachment or upload, if the file name contained % followed by two 0s (%00), the file upload mechanism distorted the UI and the Pega logo screen popped up. The file was saved properly in the ServiceExport directory, but while fetching the attachment info, the file was split in two because the engine considered %00 as a delimiter. This has been resolved by adding a file name check and a pyInvalidFileName field value to be used for an error message.