INC-171875 · Issue 653893
Skip restored for browser request CSRF token
Resolved in Pega Version 8.6.1
Many SECU0008 alerts were seen in the production logs. This was the result of a CSRF token check on requests without pyActivity or pyStream, and has been resolved by restoring a conditional skip of the check as those other browser requests do not contain a CSRF token.
INC-173294 · Issue 650235
Mobile "Forgot Password" supports circumstanced rule
Resolved in Pega Version 8.6.1
An enhancement has been added to support a circumstanced rule for the "Forgot Password" flow on mobile.
INC-175058 · Issue 660934
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.6.1
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-175706 · Issue 659528
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.6.1
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-175897 · Issue 655467
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.6.1
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after update new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-126796 · Issue 561533
Modifications to getFunctionalServiceNodes process
Resolved in Pega Version 8.2.7
The count of the Interaction History write related threads was increasing rapidly and a stack trace indicated "waiting on condition" and "java.lang.Thread.State: WAITING (parking)" errors. Investigation showed that this was due to getFunctionalServiceNodes using Hazelcast to determine node status by making a service request on an installation with a very large number of nodes, causing thread locking. To resolve this, the implementation has been updated to avoid calling getFunctionalServiceNodes on save of Interaction History, instead using Cassandra and only calling getFunctionalServiceNodes on the master node, not on all nodes.
INC-128385 · Issue 564519
Behavior made consistent between SSA and legacy engines
Resolved in Pega Version 8.2.7
There was a behavioral disparity between the legacy execution engine and the SSA engine where the latter was not creating a new page when the index was one above the size of the page list. This has now been corrected in order to make the SSA behavior fully backward compatible with the legacy engine, i.e. a new blank page will be added to the list if the index is one above the size of the list.
INC-128898 · Issue 564690
Updated precondition checks for Tumbling Time data in event strategies
Resolved in Pega Version 8.2.7
Tumbling Time data keys in event strategies were not being properly executed when certain window configurations were used. This was has been resolved by turning off the optimalization of Cassandra reads for small windows when window size is not known upfront and set dynamically (set size by property). In addition, an issue with Cassandra timeouts after the dataflow run had been running for several months has been resolved by adding a 'time to live' value for tumbling time windows, and event strategies has been switched to use leveled compaction by default.
SR-D82727 · Issue 547723
Improved management for table pr_log_dataflow_events
Resolved in Pega Version 8.2.7
The Lifecycle event table was sometimes growing too large. This additional strain of database transaction volume caused poor performance on the Dataflow tier and lead to cluster instability and time-consuming cluster restarts. Due to problems in one of the Pulse tasks, the Pulse thread was not processing single case metrics properly and causing the unbounded queue for single case to grow. This has been addressed by switching to a fixed queue size, which is configurable with the DSS: dnode/single_case_queue_size. The default value of the DSS is 4000, and if changed a system restart is required. An error will be logged each 1000 queue misses, and metrics will be dropped if the queue is full. In addition, the Pulse task frequency has been improved and managed to prevent interference with other Pulse tasks and will be triggered only if a run is system-paused for a long interval. Rebalances now have a failsafe if something unexpected happens during the Pausing of the run, and If the cluster becomes unstable, the life cycle events logs may be disabled with dataflow/run/events/persist .
SR-D85095 · Issue 546339
Updated COUNT logic for strategies with ssavm set to true
Resolved in Pega Version 8.2.7
An error was seen when attempting to save a strategy after setting ssavm to true, indicating an issue in the “COUNT” method in Group By shape. Since the source field is not used and does not need to be evaluated here, the system has been updated to ignore the source field if the operation is COUNT.