SR-B44278 · Issue 302830
MT guide updated for rules blocking/restriction
Resolved in Pega Version 7.3
The MultiTenant guide has been updated to clarify what causes rules to be blocked or restricted and the possible consequences of unrestricting rules.
SR-B48780 · Issue 305215
Oracle/Unix documentation updated with JDBC instructions for urandom instead of random
Resolved in Pega Version 7.3
The Install/Upgrade guides have been updated to reflect that recent changes to Oracle have created the requirement of forcing the JDBC driver to use /dev/urandom instead of /dev/random to improve security as well as connection open and close performance. The guide now recommends customers running Oracle on Unix do one of the following: 1. Update $JAVA_HOME/jre/lib/security/java.security to use securerandom.source=file:/dev/./urandom 2. Set system property -Djava.security.egd=file:///dev/urandom
SR-B8847 · Issue 278000
FCM/FCMR documentation updated
Resolved in Pega Version 7.3
The documentation on the PDN for installing and configuring FCM 7.12 has been updated for FCM and FCMR.
SR-B8898 · Issue 279449
Reference to outdated property removed
Resolved in Pega Version 7.3
When building a system with WebSphere 8.5.5, DB2 10.5fp7 and Java 8, creating the environment and testing the connection on its datasource produced the warning: "DSRA8200W: DataSource Configuration: DSRA8020E: Warning: The property 'progressiveLocators' does not exist.". This was traced to a code fragment left after that property became unsupported which has now been removed.
SR-D32972 · Issue 513488
HTML entity handling added to URLObfuscation
Resolved in Pega Version 8.2.5
When URLObfuscation was enabled through the configuration settings, clicking on Operator -> Profile page generated an ArrayIndexOutOfBoundException. When obfuscation is used the decrypted string is parsed and the request map is populated, but HTML entities were not considered during this process. To resolve this, handling has been added for HTML entities and characters during obfuscation. Please note: URL Obfuscation is a legacy feature with many known limitations and it is no longer recommended that these settings be used.
SR-D37894 · Issue 505975
Query parameters will be cleared after redirection from authentication
Resolved in Pega Version 8.2.5
When using the /PRAuth Servlet, running a snapstart URL generated from a secondary application correctly executed SAML Authentication and Pega processing, but a second URL generated with different parameters ran with the parameters from the first request. The third and subsequent requests processed as expected with the parameters sent in with the request. Investigation showed that the previous parameters were picked due to the query string parameters not being cleared after redirection, and this issue has been resolved by updating the system so it will clear the parameters after issuing a redirect from the authentication policy engine.
SR-D38318 · Issue 515960
Data pages explicitly cleared after QP use
Resolved in Pega Version 8.2.5
The Util Node was showing as Offline in the Search Landing Page, and when Jobs were submitted for execution from other Nodes the message "Detected active run with unreachable nodes" was logged. The util node, configured as a backgroundprocessing node, was running QPs, the queue size for custom QPs is 500 messages /queue items per minute, but investigation showed the requestor level and thread level data pages corresponding to the QP activities were not being cleared after use. This led to high heap memory issues that made the node unreachable, and has been resolved by adding code to explicitly remove the data pages when processing has finished.
SR-D46536 · Issue 515793
Custom agent next run time will be rescheduled if the run failed
Resolved in Pega Version 8.2.5
If a customized agent that was set to run every day encountered an exception and failed to run, restarting the agent did not update it to the next run time, it still returned the passed trigger time as its next execution time. This has been resolved with an update that will reschedule the run if the next run time is in the past.
SR-D46681 · Issue 514433
SnapStart supports SAML2 Authentication
Resolved in Pega Version 8.2.5
When using an HTTP Post to SnapStart into Pega using PRCustom style or PRAuth style SAML authentication, the login was looping back to the login request. Investigation showed that the Pega ACS was posting data properly back to the RelayState URL, however the login activity was not getting the SAMLResponse and simply sent a SAML Login Request again. This has been fixed by updating reqContextURI in case of SAML2 Authentication service so pyActivity=value will be passed.
SR-D47685 · Issue 514646
Cookie logging restored
Resolved in Pega Version 8.2.5
As part of security updates, Cookies were restricted from being logged. However, this caused some business use cases such as a custom function call to obtain the list of cookies that are present in the application to stop working. To resolve this, the cookie logging restriction has been reverted.