SR-D28719 · Issue 505968
Null archive check added to set import process status
Resolved in Pega Version 8.4
After running a 'prpcServiceUtils.sh import' which failed due to a low-level null pointer error, the job "IMPORTREQUEST-2" then incorrectly showed the status as 'IN PROGRESS' instead of 'FAILED'. In this case, the null-pointer exception occurred because two imports were unintentionally happening at the same time: the process copied up the same set of archives to the service export directory, but the first import processed an archive and deleted it so that the second process failed to find it. When it exited with the null-pointer exception, the status was not set to 'failed'. To resolve this, a null archive check has been added which will set the status to 'failed' if the archive is unsupported, corrupt, or not there at all.
SR-D29127 · Issue 506864
SAML data pages restored after passivation
Resolved in Pega Version 8.4
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as readonly, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D29485 · Issue 503513
Enhancement added to modify URL encryption for load testing
Resolved in Pega Version 8.4
An enhancement has been added which allows conditionally modifying URL encryption for load testing. This uses the flag crypto/useportablecipherforurlencryption: if true, a portable hardcoded key is used to encrypt the URLs and if false, a dynamically generated key per thread/requestor is used to encrypt the URL.
SR-D30955 · Issue 499873
Security updated for access roles
Resolved in Pega Version 8.4
Updates have been made in order to prevent a potential security issue related to browsing access for the Organization and Security: Groups and Roles view in Dev Studio.
SR-D36004 · Issue 513617
Check added before OperatorID page in the clipboard is deleted
Resolved in Pega Version 8.4
After configuring an access group with security policies and a one minute timeout, triggering the timeout and then failing authentication before correctly authenticating was resulting in the .operatorID page being deleted from the thread->System pages and the workIDs were listed from all workbaskets in the portal. This has been resolved by adding a check for whether the operator id page is in thread level or not before deleting it.
SR-D37872 · Issue 507342
prproductmigration build.gradle updated for new mime4j asset name
Resolved in Pega Version 8.4
While running the getMigrationLog for ProductMigration script provided in the Pega 8.2.2 media files, errors appeared referencing "NoClassDefFoundErrors when running getLogs". This was caused by the referenced class not being found on the classpath: the version of the included jar did not include the class needed due to Praxiom's default version being updated to use a new version of mime4j that required an asset name change. To resolve this, the mime4j asset name in prproductmigration build.gradle has been updated to pick up the correct version of the dependency for Praxiom.
SR-D37894 · Issue 505976
Query parameters will be cleared after redirection from authentication
Resolved in Pega Version 8.4
When using the /PRAuth Servlet, running a snapstart URL generated from a secondary application correctly executed SAML Authentication and Pega processing, but a second URL generated with different parameters ran with the parameters from the first request. The third and subsequent requests processed as expected with the parameters sent in with the request. Investigation showed that the previous parameters were picked due to the query string parameters not being cleared after redirection, and this issue has been resolved by updating the system so it will clear the parameters after issuing a redirect from the authentication policy engine.
SR-D38232 · Issue 509856
Keystore certificate alias updated to support mixed case names
Resolved in Pega Version 8.4
The Java Keystore stored aliases only in lower case letters, but it accepted uppercase letters also during retrieval. This was causing the error "No certificate found in truststore : Azure AD SSOIDPCertStore with Alias : CN=Microsoft Azure Federated SSO Certificate" when the names didn't match. To resolve this, the keystore layer has been modified to support upper case letters in the certificate alias.
SR-D38522 · Issue 504674
Timeout error notification regarding waiting for package removed
Resolved in Pega Version 8.4
During long-running deployments, an error message appeared indicating that the system was awaiting completion of the package install. This was not a genuine error, and has been addressed by removing the timeout warning. The system will wait as long as necessary to install an archive.
SR-D38613 · Issue 510004
Login will not obfuscate data for unauthenticated requestor
Resolved in Pega Version 8.4
If prconfig.xml had URLencryption and SubmitObfuscatedURL enabled, logging off from the application and idling the login screen for 5-10 minutes resulted in an Http 400 error during the next login attempt and the app data had to be manually cleared. This has been resolved by setting the system to not obfuscate data if the requestor is unauthenticated.