INC-175058 · Issue 660935
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.5.5
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-175706 · Issue 659529
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.5.5
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-179188 · Issue 661955
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.5.5
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-179360 · Issue 662180
Check added for allowed editing with CSRF
Resolved in Pega Version 8.5.5
After enabling CSRF, it was not possible to edit a data table used to define ACL rules due to security preventing the adding/editing of rows and user group entitlements. This has been resolved by using browser FingerPrint validation to check whether an activity is in a secured list and skipping validation for allowed activities.
INC-180858 · Issue 660801
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.5.5
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-167606 · Issue 657153
Optimization prconfig check added for TableInformationMap
Resolved in Pega Version 8.5.5
A prconfig setting check has been added to the TableInformationMap use of OPTIMIZE_SMA_QUERY during its foreign key lookup.
INC-185758 · Issue 668961
Optimized GenerateID feature for case creation
Resolved in Pega Version 8.5.5
Enhancements have been added to support high-performance high-volume case ID generation on multiple databases including Oracle , MS-SQL, and Azure.
INC-170458 · Issue 667371
Handling updated for queue processor locks
Resolved in Pega Version 8.5.6
The Final activity mentioned in the processing epilog of the Service File rule was not being consistently called from File Listener, causing some of the cases to become stuck and not continue to the next stage. Investigation showed that if the lock was held by the queue processor requestor, the system was unable to obtain the lock but still proceeded to update the LogServiceFile page and persist it. This resulted in overwriting changes made on the LogServiceFile page by the requestor, resetting the completed-batches-count set back to 0. To resolve this, RuleServiceFile -> updateLSFBatchCounts() will call the overloaded lockAndLoad() method in LogServiceFile that accepts a parameter called lockAttempts. This will attempt to obtain a lock for a given number of times before throwing an exception.
INC-172849 · Issue 665981
SortPageList method updated for Obj-Sort
Resolved in Pega Version 8.5.6
Sorting page lists backed by a node level datapage using Obj-Sort was causing a ConcurrentModificationException. This has been resolved by updating the SorterImpl.sortPageList method to use java7CollectionsSort instead of collectionsSortWithInferenceEngineDisabled.
INC-173434 · Issue 672674
Pushservlet cookie path updated to resolve error
Resolved in Pega Version 8.5.6
A very large number of exceptions were being logged indicating "Unhandled error in web.request.internal.URLComponentProcessorImpl.populateCSRFToken", impacting the ability to perform log analysis. This exception has been resolved by updating the pushservlet cookie path.