INC-169856 · Issue 649460
Personalized table sort order limited
Resolved in Pega Version 8.6.1
After implementing a personalized table, the query started adding more 'order by' sorts, causing system impact. This was traced to the pzPopulateSortOrder activity Implementation having different constants assumed for the same purpose (999 in one place and 99999 in another), and has been resolved by updating the logic in step 1 and step 2 to disregard sort orders higher than 999.
INC-170389 · Issue 645001
Updated authentication for report filter screen
Resolved in Pega Version 8.6.1
If the report filter screen was shown first after clicking on the report link in the report browser, an error is generated for users but not for administrators. This has been resolved by registering the activity and adding a BAC registration section to the prompt filter section.
INC-175622 · Issue 652279
Screen reader announces report names
Resolved in Pega Version 8.6.1
An update has been made to pyReportBrowserItem to ensure names of the reports on the report browser are read correctly.
INC-176205 · Issue 655939
Secure shared link generation added to scheduled reports
Resolved in Pega Version 8.6.1
When a scheduled report with a link was sent in email, clicking the link displayed an access denied message. To support this use, logic has been added to pytaskoutputprocessor in the pega-scheduledtask-reporting and pega-scheduledtask classes that will create a secure encrypted URL using the PublicLinkURL function.
INC-176385 · Issue 657671
Corrected blank lines for hidden report filter criteria
Resolved in Pega Version 8.6.1
When the report browser had five filter criteria for a report and only the last two were made visible due to conditions, three blank lines were shown above the visible filters. This was traced to the Report Definition column filter showing the grid row as empty space when "Filter Not Visible in Viewer" was selected, and has been resolved by adding an inline style to PzPromptGrid.
INC-157095 · Issue 638806
Enhancement added for tenant-level authentication
Resolved in Pega Version 8.6.1
In a multi-tenant PDC with a few tenants that utilize their own custom SSO, a pre-authentication activity inside a tenant that should block community access was also affecting tenants that did not have that pre-auth activity set. This was a missed use case and has been resolved by adding a tenantId hash in SchemePRAuth.makeUniqueSchemeName() to create the authServiceName.
INC-162434 · Issue 640050
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.6.1
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after update new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved
INC-163201 · Issue 646912
BrowserFingerprint updated
Resolved in Pega Version 8.6.1
Security improvements have been added to the browser fingerprint process.
INC-168837 · Issue 646974
CSRF token updated for use with OKTA login
Resolved in Pega Version 8.6.1
An issue seen while connecting via OKTA has been resolved by updating the CSRF token validation for use with IDP initiated SSO login.
INC-169186 · Issue 655538
Disconnect button availability extended
Resolved in Pega Version 8.6.1
A case was not refreshing when the disconnect button was selected while using the standard section for authorization grant type authentication. This was traced to a query executed to find a div with attribute pzInsHandle, but that attribute was not applicable in the user portal. To support this use, the query has been extended to be applicable for user portal (attribute data-ui-meta) and Dev Studio landing page.