INC-188573 · Issue 671570
Handling added to process Actions chunks on multiple nodes
Resolved in Pega Version 8.7
If the synching of chunks to a node was interrupted, attempting to resume the remaining chunks resulted in a processing issue if the Load Balancer passed the connection to a different node than was used for the first connection. As an example, if chunks were synched to node "A" and the restarted sync saved the remaining chunks to node "B", when all chunks were synced node "B" incorrectly determined node "A" was actually doing the work and skipped the processing of the chunks on node "B". This resulted in queued chunks being left untouched. To resolve this, the logic has been updated to allow multiple nodes to process the chunks.
INC-191970 · Issue 680396
Updates made for reviewing online case in an offline app
Resolved in Pega Version 8.7
After developing a Field Service Mobile app on Pega 8.3, updating and assessing the Mobile App on Pega 8.6 resulted in a flicker in the back arrow for returning to the work list. This was traced to WebViewManager not being available for online cases in offline apps, and has been resolved by adding an update that will use attachOnload/detachOnload if WebViewManager is not available. In addition, an issue with creating a space or document on mobile has been corrected by using the onViewRendered method instead of attachOnload for the offline app case.
INC-192159 · Issue 691022
Handling added for designtime page used in runtime
Resolved in Pega Version 8.7
After creating a survey with branch Create survey cases routed to different actors, some cases missed the assignments and were left idle with no access to progress. Survey cases (with branches) having the 'when' conditions in flow connectors experienced this intermittently in production. This was traced to the use of D_pzSurveyPage data page called from the ProcessUpdate data transform while creating the survey: this data page is for design time and should not be used at runtime as it requires design time pages like CaseTypePage which will not be available at runtime. To resolve this issue for runtime, in Step 3 of pzGetAllConnectors, pyClassName will be copied from the step page and set for pzGetConnectorsForDecision.
INC-157095 · Issue 638808
Enhancement added for tenant-level authentication
Resolved in Pega Version 8.7
In a multi-tenant PDC with a few tenants that utilize their own custom SSO, a pre-authentication activity inside a tenant that should block community access was also affecting tenants that did not have that pre-auth activity set. This was a missed use case and has been resolved by adding a tenantId hash in SchemePRAuth.makeUniqueSchemeName() to create the authServiceName.
INC-162434 · Issue 640051
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-163201 · Issue 646910
BrowserFingerprint updated
Resolved in Pega Version 8.7
Security improvements have been added to the browser fingerprint process.
INC-163914 · Issue 668846
Improved Agile Studio passivation recovery
Resolved in Pega Version 8.7
When an Agile Studio session was passivated, the error "SECU0008 : CSRF Detected and Blocked" was seen. Reactivating the session resulted in a blank page. This was traced to the clearing of requestor level registrations added for that particular thread, and has been resolved by adding a new flag to identify if a thread is passivated along with the necessary structure for the conditionalized clearing of requestor level registrations based on this flag.
INC-164336 · Issue 634151
URL validation updated to handle custom token endpoints
Resolved in Pega Version 8.7
While saving an authentication profile with OAuth details, validation was failing for a valid URL given in the access token endpoint and revoke token endpoint fields. This was traced to the use of the Apache URL validator, which considered some domains to be invalid. To resolve this, the urlvalidator constructor has been updated to include a custom RegexValidator for access token and refresh token URLs.
INC-168837 · Issue 646972
CSRF token updated for use with OKTA login
Resolved in Pega Version 8.7
An issue seen while connecting via OKTA has been resolved by updating the CSRF token validation for use with IDP initiated SSO login.
INC-169186 · Issue 655537
Disconnect button availability extended
Resolved in Pega Version 8.7
A case was not refreshing when the disconnect button was selected while using the standard section for authorization grant type authentication. This was traced to a query executed to find a div with attribute pzInsHandle, but that attribute was not applicable in the user portal. To support this use, the query has been extended to be applicable for user portal (attribute data-ui-meta) and Dev Studio landing page.