SR-D28538 · Issue 502056
Corrected requestor status flag for direct map
Resolved in Pega Version 8.3.1
Numerous "Unable to create requestor" alerts were logged. This was traced to an error in HttpAPI where after retrieving the requestor from the internal requestor map directly, the requestor creation status flag was not set properly. This caused last action to post that alert instead of the correct notice of "existing requestor retrieved". This has been resolved so the flag reflects the correct status.
SR-D31066 · Issue 502252
Improved performance for "Show-HTML" in a grid with numerous controls
Resolved in Pega Version 8.3.1
‘Show-HTML’ was taking an excessive amount of time to render a UI for grid with a large number of controls. This was traced to the handling for generating and clearing markup creating an exponential growth situation, and has been resolved by modifying the system to remove redundant copies of a string in the markup string buffer.
SR-D33491 · Issue 511726
Code fragment removed to resolve CookieDisabledException
Resolved in Pega Version 8.3.1
After upgrade, a CookieDisabledException occurred after a post activity was invoked in the single sign-on (SSO) authentication service. This was traced to the site using the deprecated flag "redirectguests" as part of SSO-based login for mashup usecases. This flag was used to check if a cookiedisabled exception was thrown or not, and if there was no cookie, if a requestor was authenticated in first request. However, the flag has been removed as part of work done to omit the Cookie support check on Mobile App UAs. Code that supported the use of this flag remained after that work and led to the exception being generated, but has now been removed as well.
SR-D43811 · Issue 511920
Code fragment removed to resolve CookieDisabledException
Resolved in Pega Version 8.3.1
After upgrade, a CookieDisabledException occurred after a post activity was invoked in the single sign-on (SSO) authentication service. This was traced to the site using the deprecated flag "redirectguests" as part of SSO-based login for mashup usecases. This flag was used to check if a cookiedisabled exception was thrown or not, and if there was no cookie, if a requestor was authenticated in first request. However, the flag has been removed as part of work done to omit the Cookie support check on Mobile App UAs. Code that supported the use of this flag remained after that work and led to the exception being generated, but has now been removed as well.
SR-D11655 · Issue 485707
JMS Listener modified to ensure connections are closed after encountering an exception
Resolved in Pega Version 8.3.1
JMS listener logs were detailing exceptConnection leaks with the message " J000100: Closing a connection for you. Please close them yourself". Investigation showed that when the JMSListener is configured for JBOSS, it goes via EngineImpl. However, connections opened during engineimpl.ivokeEngine were prevented from closing if they encountered an exception. To resolve this, the execution of the connection close command has been moved to the finally block.
SR-D41532 · Issue 512002
Handling added for padding character changes in StatiContent generation
Resolved in Pega Version 8.3.1
After upgrade, only 3 tenants were accessible in a MultiTenant environment with 52 tenants. A trace showed 500 and 403 errors, and the message "com.pega.pegarules.pub.context.PRSecurityException: Undefined tenant configuration". This was traced to a different padding character used in the StatiContent code that resulted in the tenant URL being encoded and decoded differently, and has been resolved by adding handling for better padding character compatibility.
SR-D20423 · Issue 503445
Improved upgrade handling for tables using classes with property references
Resolved in Pega Version 8.3.1
After upgrade, some page property values were blank and exposed database columns did not contain the values. Investigation showed that the reference properties did not have context and hence column population was not able to determine their value. To resolve this, instead of doing column population for all the columns, the system will identify classes that have property references and that are being optimized as part of upgrade process and maintain a list of specific columns to update.
SR-D20439 · Issue 496403
Hotfix hashmap cleanup improved
Resolved in Pega Version 8.3.1
A DL installation failed with an out-of-memory error. It was observed that many CacheEntry(VersionedJdbcJarRwader.java) hashmaps were being created to store the details for each hotfix but that were then never cleared. This has been resolved by adding the finally block in CodeImportProcessImpl.java class to call the shutdown method for proper cleanup. In addition, the default command line utility (prpcUtils) has been updated to use JVM settings of Xmx 4GB and capture a heap dump if an out-of-memory error is encountered. The auto-generated prconfig.xml has also been updated to leverage its minimal startup setting which will avoid loading the conclusion cache into memory.
SR-D21803 · Issue 502129
Cross-site scripting protection added for embedded portal URI
Resolved in Pega Version 8.3.1
The URI used in the top window of embedded portals has been encoded to prevent DOM based cross-site scripting.
SR-D23862 · Issue 503895
Corrected test connection for LDAP AuthService using keystore
Resolved in Pega Version 8.3.1
When using a AuthService rule defined for LDAP using ldaps:// and a KeyStore rule that was defined to reference a local file in the server, the Test Connection button on the AuthService rule did not work and generated the following exception: "com.pega.apache.commons.httpclient.contrib.ssl.AuthSSLInitializationError: I/O error reading keystore/truststore file: null". Investigation showed that file reference keystore did not work with an LDAPS test connection because while run time used the LDAPVerifyCredentials activity, the design time validation used the activity “ValidateInfrastructure” which did not have the required code to support file reference keystore. This has been corrected.