INC-217461 · Issue 714310
Key ID made optional for JWT
Resolved in Pega Version 8.6.5
After update, Connect-REST services were failing with a Admin_Security_Token.Action error. This was traced to kID (key ID) being mandated following previous work done to address an issue. To resolve this and better support backwards compatibility, the kID has been made optional in the JWT header.
INC-219208 · Issue 717217
Updated OAuth2 registration handling for modified application definition
Resolved in Pega Version 8.6.5
After update, attempting to resave an application definition after any modification resulted in the error "Application OAuth2 client registration is failed. Error Message: PegaApp_XXBase:Client already exists". This was due to pxCreateRecord being called to create the authentication profile: as it was already present, it failed to create a new one. This has been resolved by changing pxCreateRecord to Obj-Save in this process. This change will only be applied on newly created applications using the Data-Application-OAuth2ClientRegistration instance. The solution for already exported applications is to delete the corresponding OAuth2 client (PegaApp_<application id>) and resave the application to create a new client along with the needed metadata.
INC-222213 · Issue 722507
Updated support for Client Assertion in Open ID Connect to generate unique JTI
Resolved in Pega Version 8.6.5
Following an update with an enhancement which added UI and code changes to support Client Assertion in Open ID Connect, the token expiry and issue dates were not getting set properly and the JTI was not getting generated. This has been resolved by adding code to generate a unique client_assertion on OIDC login with private_key_jwt so the JTI in client assertion will be be unique for every login.
INC-215937 · Issue 713773
Added exception handling for PageGroup alerts
Resolved in Pega Version 8.6.5
Queue items were going to the broken queue if there was an issue fetching the alert configuration from the Queue Processor rule. The error "java.lang.IllegalArgumentException: Alert id cannot be blank" was seen. This has been resolved by adding exception handling while gathering alerts from PageGroup so that a malformed alert configuration will not cause overall failure of a processed message, but instead an empty alert will be returned if configuration-data is corrupted.
INC-217781 · Issue 714185
JobScheduler updated to better handle DST change
Resolved in Pega Version 8.6.5
If a job scheduler was set to run on a weekly basis between 1 AM CET and 3 AM CET, the DST time change caused the job scheduler to skip that week. During DST, there is one 23-hour day in the year, and if execution time is set to that missing hour the system was throwing an IllegalArgumentException for the non-existent date. This has been resolved by adding a check that verifies whether a given date does exist; if it does not exist, the system will postpone execution time by one hour.
INC-218001 · Issue 719922
Error text revised for parameterized data page used for token generation
Resolved in Pega Version 8.6.5
While trying to add a claim in the header of a Token Generation Profile instance, selecting Map From as "Clipboard" and trying to give any DataPage(parameterized) as the source property failed to be saved and the error "JWS Alias— Please provide correct algorithm key with correct key length." appeared. Changing the "Map From" to a Constant and giving a dummy value worked as expected. Tracer showed the error "declare page parameters not supported by PropertyReference", indicating the actual issue: at this time, the Token profile does not support using a parameterized data page. This has been addressed by ensuring an appropriate error message is shown on save of the token profile rule form when a parameterized data page reference is configured. The error will now read "The reference D_pzPreferenceStore[PreferenceOperatorID:"[email protected]"].pxObjClass is not valid. Reason: Parameterized data page reference is not supported." Support for a parameterized data page used with Map From will be taken as an enhancement for a future release.
INC-218340 · Issue 714663
Override added to delete records for a stream dataset after processing
Resolved in Pega Version 8.6.5
Kafka data was accumulating for a Stream data set due to huge volume of inbound calls. This has been resolved by adding support to override pyDeletedProcessed through a DASS in order to remove the records for a particular stream dataset (topic) as soon as they are processed by Pega.
INC-218909 · Issue 715282
Override added to delete records for a stream dataset after processing
Resolved in Pega Version 8.6.5
Kafka data was accumulating for a Stream data set due to huge volume of inbound calls. This has been resolved by adding support to override pyDeletedProcessed through a DASS in order to remove the records for a particular stream dataset (topic) as soon as they are processed by Pega.
INC-219566 · Issue 721290
Handling updated for CSRF in queue processor trace
Resolved in Pega Version 8.6.5
The field level audit on properties was intermittently not being shown on the Audit history table for the first time for some users. This has been resolved by modifying the queue processor trace to better handle CSRF tokens.
INC-225519 · Issue 724398
Improved handling for thread resolution issues
Resolved in Pega Version 8.6.5
Queue Processor/Dataflow was moving to STOPPED state due to failed records in its execution. Investigation showed there was a minor logic issue in the queue processor activity which allowed the Page-Remove step to be called even before the pages were actually created, and this has been resolved by improving the recovery from a cleared ThreadContainer which might cause thread resolution issues.