INC-169310 · Issue 649712
Cache check added for SQL queries
Resolved in Pega Version 8.6.1
When performing load testing, a high number of gets were seen for some SQL Queries. In order to improve performance, a check has been added in GlobalTrustStoreCacheImpl.java to assess whether the cache has been initialized or not.
INC-170423 · Issue 648983
Added catch for SAML WebSSO duplicate key exception
Resolved in Pega Version 8.6.1
After logging in from SSO, closing the Pega window and opening it again resulted in the error "Unable to process the SAML WebSSO request : Violation of PRIMARY KEY constraint. Cannot insert duplicate key in object." This has been resolved by updating the session index handling and adding a catch for the duplicate key exception.
INC-171875 · Issue 653893
Skip restored for browser request CSRF token
Resolved in Pega Version 8.6.1
Many SECU0008 alerts were seen in the production logs. This was the result of a CSRF token check on requests without pyActivity or pyStream, and has been resolved by restoring a conditional skip of the check as those other browser requests do not contain a CSRF token.
INC-173294 · Issue 650235
Mobile "Forgot Password" supports circumstanced rule
Resolved in Pega Version 8.6.1
An enhancement has been added to support a circumstanced rule for the "Forgot Password" flow on mobile.
INC-175058 · Issue 660934
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.6.1
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-175706 · Issue 659528
SSLContext created using protocol from REST connector rule form
Resolved in Pega Version 8.6.1
After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.
INC-175897 · Issue 655467
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.6.1
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after update new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-120326 · Issue 564435
Landing page refresh modified to avoid frequent reloads
Resolved in Pega Version 8.2.7
Approximately every two weeks, clients were able to login but it was not possible to work as the landing page refreshed constantly until all of the nodes were rebooted and the issue was cleared. Investigation indicated the frequent reloads were related to the cacheing of the operator details, and this has been resolved by updating the datapage reload strategy based on 'when' so frequent reloads will be avoided.
SR-D68572 · Issue 543003
Added check for duplicate attachment names with S3
Resolved in Pega Version 8.2.7
S3 Storage does not allow duplicate file names, but the AttachContent function was allowing duplicate file attachments. Due to this, the sync was failing to attach on the server and the message was never communicated to the client. This has been resolved by adding a check for duplicate file names when the storage is repository.
SR-D77580 · Issue 550093
Corrected Survey button refresh issue
Resolved in Pega Version 8.2.7
After implementing a Pega Survey question page with dynamic / reflexive questions (Answer to Question 1 determines Question 2 and so on) where every answer pick caused a refresh, picking various radio buttons quickly caused an unexpected busy indicator. Investigation showed that on click, both refresh section and run activity were executed asynchronously, triggering the property mapping refresh before answers were clicked. To correct this, the clearSelection function call in pzsurvey_ui_userscript JS file has been modified, and questionPageName has an added 'if' condition.