SR-D76567 · Issue 545448
ABAC DSS setting reflected in all nodes
Resolved in Pega Version 8.2.6
When the ABAC (Attribute-based access control) DSS was disabled, the change was not reflected in all the nodes automatically. This was traced to a difference in parameter name: SecurityCacheProvider.pulseChange(), while consuming pulse message on another node, expects to get ".pyPurpose" from the StringMap. Because the system was setting "pyPurpose", aKeys.get(".pyPurpose") returned nothing, and the policy cache iwa not cleared on other nodes. This has been resolved by ensuring naming consistency with "pyPurpose".
SR-D78045 · Issue 539891
Cleanup added for staging directory
Resolved in Pega Version 8.2.6
Temporary files from imports and exports (from DevOps) were filling up the staging area disk space because there was no automatic process for cleaning up these local files. This has been resolved by adding an enhancement that will clear the directory on Engine Startup and any time ParUtils.setStagingDirectory gets called to initialize the staging directory.
SR-D78987 · Issue 544061
Support for custom jvm.args added
Resolved in Pega Version 8.2.6
In order to support Oracle PKI and other ticket based authentication, support has been added for custom jvm.args properties to setupDatabase and prpcUtils properties files.
SR-D79178 · Issue 543312
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.2.6
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings in the CSRF LP (DevStudio-> System-> Setting-> CrossSiteRequestForgery) which will enforce HTTPS for the Pega server and mashup. Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For mashups to work, SameSite should be set as None. To follow proper security standards, it should be set as Strict.
SR-D83053 · Issue 544268
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.2.6
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings in the CSRF LP (DevStudio-> System-> Setting-> CrossSiteRequestForgery) which will enforce HTTPS for the Pega server and mashup. Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For mashups to work, SameSite should be set as None. To follow proper security standards, it should be set as Strict.
SR-D83192 · Issue 545057
JobScheduler DST handling updated
Resolved in Pega Version 8.2.6
When the locale being used changed out of Daylight Savings Time, scheduled jobs did run at the same local time as before but instead ran an hour earlier than expected. Investigation showed that jobscheduler calculated the next runtime based on the time difference from the cluster reference time and current time in milliseconds, and this offset in milliseconds was added to next run time. Since the cluster was started in DST, the job was running on same time due to the time difference. To resolve this, the system will use a calculation offset and set hours/minutes to nextRunTime object so that calendar lib handles daylight savings.
SR-D28538 · Issue 502059
Corrected requestor status flag for direct map
Resolved in Pega Version 8.1.7
Numerous "Unable to create requestor" alerts were logged. This was traced to an error in HttpAPI where after retrieving the requestor from the internal requestor map directly, the requestor creation status flag was not set properly. This caused last action to post that alert instead of the correct notice of "existing requestor retrieved". This has been resolved so the flag reflects the correct status.
SR-D51554 · Issue 514064
Local UUID cache will be updated when merge event is detected
Resolved in Pega Version 8.1.7
Cluster-related issues were seen in multiple production clusters. For some nodes in the cluster the Cluster Management screen showed all expected nodes with valid Node IDs displayed, and on other nodes the Cluster Management screen showed the node ID of itself, SERVER@localhost:5701. On an impacted node displaying the wrong ID, the Node Information landing page did not work and displayed the error "Unable to execute job on ." Multiple advanced agents running on nodes in the affected clusters, both with correct and incorrect IDs, also failed with a similar error "Unable to execute job on <node's job id>". This was traced to a merge performed after a split brain. To resolve this, the code has been updated to handle merge events: when the node UUID is changed as part of a split brain recovery, the local UUID cache will be updated when the merge event is detected.
SR-D20423 · Issue 503447
Improved upgrade handling for tables using classes with property references
Resolved in Pega Version 8.1.7
After upgrade, some page property values were blank and exposed database columns did not contain the values. Investigation showed that the reference properties did not have context and hence column population was not able to determine their value. To resolve this, instead of doing column population for all the columns, the system will identify classes that have property references and that are being optimized as part of upgrade process and maintain a list of specific columns to update.
SR-D29485 · Issue 503514
Enhancement added to modify URL encryption for load testing
Resolved in Pega Version 8.1.7
An enhancement has been added which allows conditionally modifying URL encryption for load testing. This uses the flag crypto/useportablecipherforurlencryption: if true, a portable hardcoded key is used to encrypt the URLs and if false, a dynamically generated key per thread/requestor is used to encrypt the URL.