SR-D89012 · Issue 550801
DelegatedRules refresh icon made accessible
Resolved in Pega Version 8.4.1
When using Accessibility, the refresh icon in pzDelegatedRules was being read as "Link". This has been corrected by adding text for the refresh icon.
SR-D89428 · Issue 550393
Data Flow StartTime uses locale timezone
Resolved in Pega Version 8.4.1
The start time of the dataflow was displayed in GMT instead of the operator locale timezone. This has been corrected.
SR-D89643 · Issue 548293
Old Tumbling Time data in event strategies given TTL for cleanup
Resolved in Pega Version 8.4.1
Old Tumbling Time data keys in event strategies were not being cleaned up, causing Cassandra timeouts after the dataflow run had been running for several months. The longer the dataflow was running using standard compaction, the more the data was potentially spread out across SSTables and the slower it became. This has been resolved by adding a 'time to live' value for tumbling time windows, and event strategies has been switched to use leveled compaction by default.
SR-D67316 · Issue 541206
Cross-site Scripting protection for PegaRULESMove_Skimming_Query
Resolved in Pega Version 8.4.1
Cross-site Scripting protection has been added for input parameter toRSV of the activity PegaRULESMove_Skimming_Query.
SR-D78467 · Issue 542319
Component rule check added to suppress unnecessary guardrail warnings
Resolved in Pega Version 8.4.1
After creating a component application using Configure > Application > Components, guardrail warnings were seen when saving the component. The component application allowed adding rulesets or other applications, but did not have all the tabs found in a normal application, so there was no option for adding the associated classes to define the UI class, Integration class and data class in the component application. As component is mostly a part of (or embedded inside) an application, this function was not given options to justify or suppress guardrail warnings like Rule-Application. To resolve this, a check has been added for component rule before generating guardrail warnings for Empty UI page, Empty Integration class, and Empty Data class.
SR-D79397 · Issue 546417
Rule-Utility-Function references updated with library information
Resolved in Pega Version 8.4.1
The "changeSystemName” operation failed. This was traced to the function “getLocalizedValue” (Rule-Utility-Function) being saved into the PegaFS library due to runtime resolution based on the function signature even though the actual Rule-Utility-Function from “Pega-Rules” ruleset needed to be picked in this case. To ensure the correct ruleset is picked, Rule-Utility-Function references have been updated with library information to resolve the resolution collision scenario.
SR-D80539 · Issue 544795
Testcases are not available for 'access when' rules
Resolved in Pega Version 8.4.1
Attempting to create test cases for access when rules resulted in guardrail warnings about the need to create a test case. Because Test Cases are not available for the Access When rule type as per Pega expected behavior, the guardrail warnings are not valid and have been removed.
SR-D87671 · Issue 547574
PegaCESvcsIntegrator security updated
Resolved in Pega Version 8.4.1
Security updates have been made which now require authentication to consume the services from the PegaCESvcsIntegrator package.
SR-D53835 · Issue 524214
Handling added for custom authentication in embedded mashup
Resolved in Pega Version 8.4.1
After embedding the Mashup gadget in an external application, at browser refresh a Cross-Origin Read Blocking (CORB) warning appeared and the gadget did not load as expected. A second refresh cleared the error. Investigation showed that when custom authentication is configured, 'use SSL' is checked in Authentication service. That meant that when the user was authenticated, the redirection was not considering the query string entered before authentication and the CORB warning was issued due to a change in response. Because there is special handling for the above use case and post-authentication redirection does not happen through the normal flow (HttpAPI), this issue has been resolved by honoring the query string stored in requestor (entered by user) while redirecting.
SR-D60284 · Issue 550560
Delete Requestor method updated for use with CMT
Resolved in Pega Version 8.4.1
JMS MDB Listeners with Container Managed Transaction (CMT) enabled in Websphere 8.5 had global transactions fail. To initialize a JMS-MDB listener, a requestor of type APP is used. Upon the service being fully initialized, the requestor is removed by executing a delete operation followed by a COMMIT. However, in this scenario, the initialization operation is running within a CMT context and a SQLException was raised indicating that the commit was not allowed. To resolve this, the delete requestor method has been refactored to take into account the CMT context so the commit is not executed if the transaction is managed by the container.