INC-132209 · Issue 577000
CDK key loading modified for better database compatibility
Resolved in Pega Version 8.5
Users were unable to log on to the system and received the error "There has been an issue; please consult your system administrator." Investigation showed the log errors stating "(dataencryption.DataKeyProvider) ERROR localhost - Could not get CDK from systemKeyManagementCache - System CDK is null". This was an issue specific to the MS SQL Server database when there were 6 or more CDKs in the database: CDK keys are loaded from database into Cache using an SQL statement which had the ORDER clause. By default, the ORDER clause treats NULL values differently on different databases, and this caused MS SQL databases to not load a necessary CDK key. To resolve this, the SQL query has been modified so the result will be the same for all supported daatbases (Oracle, Postgres & MS SQL Server).
INC-118927 · Issue 571491
Resolved OAuth2 mobile app loop
Resolved in Pega Version 8.5
When a Pega OAuth2 authorize endpoint was invoked and the redirect URI contained "app", a loop was created where the system attempted to fetch the app alias from the state parameter value and was redirected back to itself. This could sometimes result in inconsistent mobile app styling. Investigation showed that a certificate with keyword app that was picked for the redirect URI could have the key word assumed to be the app alias context, so a workaround was to remove the app keyword. To resolve the issue, the system has been updated to look for the app alias only in the state parameter rather than performa a string contains check on the entire query string.
SR-D79181 · Issue 551124
OKTA receives parameters on logout
Resolved in Pega Version 8.5
When using an OIDC logout endpoint with a parameter set as a data page value, the data page retrieved the ID Token from the database, but when logout was clicked the datapage name was being displayed in the browser instead of the IDToken. To resolve this, code has been added to support sending ID token parameters for logoff endpoint for OKTA logoff using OpeniD connect.
SR-D54319 · Issue 532528
API added to sync presence with requestor to clear inactive operator sessions
Resolved in Pega Version 8.5
An intermittent error message was seen indicating the maximum number of active sessions for the current operator had been reached even though there were not multiple logins and there was no requestor displayed in the requestor management landing page. This was traced to sessions that were not properly closed and cleared, and has been resolved by exposing an API that will sync the presence record with the requestor state so inactive sessions will be cleared.
SR-D64608 · Issue 544388
Corrected filedownload extension header issue
Resolved in Pega Version 8.5
Filedownload header contained plain non-ascii characters which caused a security violation issue. This has been resolved by removing the filedownload header from the HTTP response when the sendfile API is used with inputstream to download a file.
SR-D56527 · Issue 538304
DSS PegaAESREmoteResetTableStats set to false
Resolved in Pega Version 8.5
In order to prevent an issue with resetting table stats that potentially impacts postgres in an unintended fashion, the DSS PegaAESREmoteResetTableStats has been set to false.
SR-D64408 · Issue 530282
Stacktrace will be generated for oLog errors
Resolved in Pega Version 8.5
In order to provide improved diagnostics, oLog errors will print stacktraces.
SR-D76861 · Issue 544606
Job Scheduler will be stopped by node shutdown detection
Resolved in Pega Version 8.5
LifeCycle Job Scheduler was trying to start already stopped background services during node shutdown, causing exceptions to be logged. This has been resolved by stopping Job Scheduler execution when node shutdown is detected.
SR-D84099 · Issue 547825
Atmosphere library updated
Resolved in Pega Version 8.5
Multiple setAttribute exceptions were logged related to the Atmosphere component, indicating "The request object has been recycled and is no longer associated with this facade." Investigation showed that since the request object was destroyed, an illegalstateexception was thrown. To resolve this, the Atmosphere library has been updated to version 2.4.5.7 which contains the fix for this error.
SR-D66222 · Issue 529636
Tracer expiration set for five minutes
Resolved in Pega Version 8.5
Tracer was not terminating on tracer window closure. On the next attempt to open a trace, a message appeared stating "Cannot Launch Multiple Tracer Sessions for a requestor. This requestor is being traced by operator". Tracer session termination was dependent on the browser executing code on window close. Because this event may not be triggered for number of reasons, updates have been made to set tracer session expiration at 5 minutes. In addition, the system will clean up expired sessions before checking for existing sessions.