SR-D25711 · Issue 502134
Updated dependent role validation during rule deletion
Resolved in Pega Version 8.3.1
After checking out and attempting to private-edit the "PegaRULES:WorkMgr4" AR, the rule was still shown as checked out after the edit was discarded. This was a missed use case, as Private checkouts are generally not enabled for most of the customer rulesets. To resolve this, roles in private checkout and branch rulesets will be excluded from going through dependent role validation during rule deletion.
SR-D25972 · Issue 501481
Handling added for custom error message in post-authentication activity
Resolved in Pega Version 8.3.1
The error message in post authentication activity was always appearing as 'Login terminated because a post-authentication activity or policy failed' irrespective of the actual message being conditionally set in the activity based on post authentication logic. Investigation showed that the parameter page in the SSO post-authentication activity was not being passed to the 'pzShowAuthPolicyError' activity due to the post-authentication activity executing in authenticated context whereas the HTML fragment executed in the un-authenticated context. In order to support this use, post-authentication activity will set the error message on a predefined property and propagate that to the HTML fragment by appending the error message as a query parameter in the redirect exception URL post-authentication failure.
SR-D28034 · Issue 497837
Asynchprocessor generation code deprecated from distribution
Resolved in Pega Version 8.3.1
During a Pega Rules Upgrade of the environment, the error "duplicate key value violates unique constraint "pr_data_admin_pk" was observed. This exception originated from the "Upgrade Context" target while executing a query to fetch the missing ASYNCPROCESSOR requestors for all available system names, and was caused by the system attempting to insert a single ASYNCPROCESSOR requestor more that once in the shared layer. The need to generate missing requestors only applied for installations where a custom system name was provided to the deployment properties (setupDatabase), so by default the asyncprocessor generation code has been removed from the distribution as it is no longer required for upgrades. Default system behavior now is to use system-runtime-context in place of async requestors.
SR-D28719 · Issue 505966
Null archive check added to set import process status
Resolved in Pega Version 8.3.1
After running a 'prpcServiceUtils.sh import' which failed due to a low-level null pointer error, the job "IMPORTREQUEST-2" then incorrectly showed the status as 'IN PROGRESS' instead of 'FAILED'. In this case, the null pointer exception occurred because two imports were unintentionally happening at the same time: the process copied up the same set of archives to the service export directory, but the first import processed an archive and deleted it so that the second process failed to find it. When it exited with the null pointer exception, the status was not set to 'failed'. To resolve this, a null archive check has been added which will set the status to 'failed' if the archive is unsupported, corrupt, or not there at all.
SR-D29485 · Issue 503512
Enhancement added to modify URL encryption for load testing
Resolved in Pega Version 8.3.1
An enhancement has been added which allows conditionally modifying URL encryption for load testing. This uses the flag crypto/useportablecipherforurlencryption: if true, a portable hardcoded key is used to encrypt the URLs and if false, a dynamically generated key per thread/requestor is used to encrypt the URL.
SR-D29127 · Issue 506862
SAML data pages restored after passivation
Resolved in Pega Version 8.3.1
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as read-only, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D41482 · Issue 507883
SAML data pages restored after passivation
Resolved in Pega Version 8.3.1
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as read-only, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D28460 · Issue 509364
Added timeout handling for non-PRAuth servlets
Resolved in Pega Version 8.3.1
After logging in via external authentication service (SAML Single Sign On) and setting up a timeout in the access group RuleForm, when the user performed any action and the server identified the request to be timed-out, it was expected that a SAML request would be sent from the browser to the external Authentication Server (referred as IDP) and the flow would proceed from there. This worked as expected for a non-AJAX request. To resolve this, handling has been added for timeout when using non-PRAuth authentication services.
SR-D37872 · Issue 507340
prproductmigration build.gradle updated for new mime4j asset name
Resolved in Pega Version 8.3.1
While running the getMigrationLog for ProductMigration script provided in the Pega 8.2.2 media files, errors appeared referencing "NoClassDefFoundErrors when running getLogs". This was caused by the referenced class not being found on the classpath: the version of the included jar did not include the class needed due to Praxiom's default version being updated to use a new version of mime4j that required an asset name change. To resolve this, the mime4j asset name in prproductmigration build.gradle has been updated to pick up the correct version of the dependency for Praxiom.
SR-D41637 · Issue 512268
Mashup URLs will include thread name for better passivation recovery
Resolved in Pega Version 8.3.1
Mashup screens were distorted after keeping the screen idle for more than 1 hour and then trying to switch between accounts. Investigation showed that during SSO authentication the relaystate generated without including thread name in the URL, leading to the threadname not being passivated or made available during reactivation. To resolve this, the thread name will now be included in the URL.