SR-D36004 · Issue 513617
Check added before OperatorID page in the clipboard is deleted
Resolved in Pega Version 8.4
After configuring an access group with security policies and a one minute timeout, triggering the timeout and then failing authentication before correctly authenticating was resulting in the .operatorID page being deleted from the thread->System pages and the workIDs were listed from all workbaskets in the portal. This has been resolved by adding a check for whether the operator id page is in thread level or not before deleting it.
SR-D37872 · Issue 507342
prproductmigration build.gradle updated for new mime4j asset name
Resolved in Pega Version 8.4
While running the getMigrationLog for ProductMigration script provided in the Pega 8.2.2 media files, errors appeared referencing "NoClassDefFoundErrors when running getLogs". This was caused by the referenced class not being found on the classpath: the version of the included jar did not include the class needed due to Praxiom's default version being updated to use a new version of mime4j that required an asset name change. To resolve this, the mime4j asset name in prproductmigration build.gradle has been updated to pick up the correct version of the dependency for Praxiom.
SR-D37894 · Issue 505976
Query parameters will be cleared after redirection from authentication
Resolved in Pega Version 8.4
When using the /PRAuth Servlet, running a snapstart URL generated from a secondary application correctly executed SAML Authentication and Pega processing, but a second URL generated with different parameters ran with the parameters from the first request. The third and subsequent requests processed as expected with the parameters sent in with the request. Investigation showed that the previous parameters were picked due to the query string parameters not being cleared after redirection, and this issue has been resolved by updating the system so it will clear the parameters after issuing a redirect from the authentication policy engine.
SR-D38232 · Issue 509856
Keystore certificate alias updated to support mixed case names
Resolved in Pega Version 8.4
The Java Keystore stored aliases only in lower case letters, but it accepted uppercase letters also during retrieval. This was causing the error "No certificate found in truststore : Azure AD SSOIDPCertStore with Alias : CN=Microsoft Azure Federated SSO Certificate" when the names didn't match. To resolve this, the keystore layer has been modified to support upper case letters in the certificate alias.
SR-D38522 · Issue 504674
Timeout error notification regarding waiting for package removed
Resolved in Pega Version 8.4
During long-running deployments, an error message appeared indicating that the system was awaiting completion of the package install. This was not a genuine error, and has been addressed by removing the timeout warning. The system will wait as long as necessary to install an archive.
SR-D38613 · Issue 510004
Login will not obfuscate data for unauthenticated requestor
Resolved in Pega Version 8.4
If prconfig.xml had URLencryption and SubmitObfuscatedURL enabled, logging off from the application and idling the login screen for 5-10 minutes resulted in an Http 400 error during the next login attempt and the app data had to be manually cleared. This has been resolved by setting the system to not obfuscate data if the requestor is unauthenticated.
SR-D40756 · Issue 508098
Null check added for missing IDP RelayState
Resolved in Pega Version 8.4
An "ArrayIndexOutOfBounds" exception was showing sporadically when using IDP Initiated SAML Login requests. This was traced to IDP not consistently providing the RelayState parameter to Pega, and the exception has been resolved with the addition of a null check. When the RelayState parameter is empty, the message "Missing Relaystate information in IDP Response" will be shown.
SR-D41454 · Issue 506536
Updated HotFix Manager for use in older versions
Resolved in Pega Version 8.4
The DL logic in Hotfix Manager was changed in 8.3 to include the catalog of all framework changes. This had the unintended side effect of preventing DLs from being installed in Pega 7.3.1 and lower versions as the versions included in the catalog are not present on those systems and the validation failed. This has been resolved by revising the DL update so the system will only add all apps to the catalog for platform 7.4+ DLs.
SR-D41482 · Issue 507884
SAML data pages restored after passivation
Resolved in Pega Version 8.4
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as readonly, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D41637 · Issue 512269
Mashup URLs will include thread name for better passivation recovery
Resolved in Pega Version 8.4
Mashup screens were distorted after keeping the screen idle for more than 1 hour and then trying to switch between accounts. Investigation showed that during SSO authentication the relaystate generated without including thread name in the URL, leading to the threadname not being passivated or made available during reactivation. To resolve this, the thread name will now be included in the URL.