SR-D50436 · Issue 513849
Case creation service activity unauthorized response modified
Resolved in Pega Version 8.2.5
When unauthorized users accessed the URL for creating a case, a blank screen appeared instead of the user being routed to a login screen. This was due to the system returning an HTTP 400 error instead of HTTP 401 response, and was traced to the introduction of an anonymous user type in the authentication activity (Authentication service in the service package). Case creation REST service uses pzCreateCase activity to create the cases, but before introducing the anonymous user type it was exiting from the authentication activity and did not call pzCreateCase. This was traced to the error handling relying on a field value to be in English when instead the site had localized the value, causing a mismatch which did not generate the necessary failed status. To avoid this, the system will now use the new pxStatusFlowSecurity process engine status instead of relying on a text match to determine this error.
SR-D50793 · Issue 514258
PegaEmailClient Debug level EmailAccount password issue resolved
Resolved in Pega Version 8.2.5
The SendEmailNotification activity was failing to send email when DEBUG log level was enabled for the com.pega.platform.integrationengine.client.email.PegaEmailClient class. This was traced to the removal of the pyPassword property from the copied object which was done for security reasons, but which is this case led to failed authentication. This has been resolved.
SR-D56079 · Issue 517628
Content type added to Httpclientutils
Resolved in Pega Version 8.2.5
The XML Response received from Connect HTTP Service was being converted to Base64 format automatically. This was traced to there not being a content type in the response header from the service, causing the content to be treated as binary and encoded before being mapped to the clipboard. To correct this, content type has been added to Httpclientutils.
INC-193485 · Issue 695640
REST authentication settings use fully qualified name for resolution
Resolved in Pega Version 8.7.2
The application setting used in REST connectors for authentication was resolving to similarly-named rules instead of matching the exact name of the rule. This has been resolved by enhancing pzGetSettingID to use both parts of the fully qualified name (name and category) provided by the pzSettingsORA control when determining which setting from the report to return.
INC-197479 · Issue 705111
ClusterAndDBCleaner updated to with with Oracle query limits
Resolved in Pega Version 8.7.2
The pzClusterAndDBCleaner job scheduler was not able to cleanup data in pr_op_data session table due to the delete query formed to clean up this table throwing "ora-01795 maximum number of expressions in a list is 1000 oracle 19c" exception. This has been resolved by splitting requestor IDs into batches of 1000.
INC-199192 · Issue 689037
Check added to ensure StepPage generation for Top keyword
Resolved in Pega Version 8.7.2
A ClassCastException was thrown when top page is used, indicating "com.pega.pegarules.data.internal.clipboard.ClipboardPropertyImpl cannot be cast to com.pega.pegarules.pub.clipboard.ClipboardPage". This has been resolved by adding a check which will generate a myStepPage for Keyword "Top" as necessary.
INC-202183 · Issue 710296
ClusterAndDBCleaner updated to with with Oracle query limits
Resolved in Pega Version 8.7.2
The pzClusterAndDBCleaner job scheduler was not able to cleanup data in pr_op_data session table due to the delete query formed to clean up this table throwing "ora-01795 maximum number of expressions in a list is 1000 oracle 19c" exception. This has been resolved by splitting requestor IDs into batches of 1000.
INC-204998 · Issue 705629
Data page definition reload made more robust
Resolved in Pega Version 8.7.2
The data page was intermittently being removed from the cache. This was traced to the use of a thread from ThreadContainer to reload the data page definition: a null thread could be returned if the request came from a master agent, which would then cause the definition reload to fail. This has been resolved by updating the system to use the current thread in context to reload the data page definition.
INC-207009 · Issue 701555
Explicit expiration added to avoid searching for expired requestor
Resolved in Pega Version 8.7.2
A login page was taking long time to display. This was traced to pre-authentication cookie in the browser pointing to the requestor object on the server which triggered a lookup across the entire cluster of servers to find the requestor. This was not only taking time, but the attempt to find the requestor in the cluster would always fail to return results as the requestor was not passivated but instead removed after two minutes. To resolve this, an expiration has been added to the Pega-RULES cookie when the value is pre-authenticated. The time to expire is derived based on the short-lived requestor time for unauthenticated requestors + 1 minute, and will be 2 minutes by default. This will avoid searching for a requestor across all nodes in cluster when the requestor has already timed out and been destroyed by server.
INC-207159 · Issue 707619
Localization added for delegated datatype tab
Resolved in Pega Version 8.7.2
Localization was not working for the title of a thread which opened when attempting to edit the delegated datatype. This has been corrected.