SR-D28034 · Issue 497837
Asynchprocessor generation code deprecated from distribution
Resolved in Pega Version 8.3.1
During a Pega Rules Upgrade of the environment, the error "duplicate key value violates unique constraint "pr_data_admin_pk" was observed. This exception originated from the "Upgrade Context" target while executing a query to fetch the missing ASYNCPROCESSOR requestors for all available system names, and was caused by the system attempting to insert a single ASYNCPROCESSOR requestor more that once in the shared layer. The need to generate missing requestors only applied for installations where a custom system name was provided to the deployment properties (setupDatabase), so by default the asyncprocessor generation code has been removed from the distribution as it is no longer required for upgrades. Default system behavior now is to use system-runtime-context in place of async requestors.
SR-D28719 · Issue 505966
Null archive check added to set import process status
Resolved in Pega Version 8.3.1
After running a 'prpcServiceUtils.sh import' which failed due to a low-level null pointer error, the job "IMPORTREQUEST-2" then incorrectly showed the status as 'IN PROGRESS' instead of 'FAILED'. In this case, the null pointer exception occurred because two imports were unintentionally happening at the same time: the process copied up the same set of archives to the service export directory, but the first import processed an archive and deleted it so that the second process failed to find it. When it exited with the null pointer exception, the status was not set to 'failed'. To resolve this, a null archive check has been added which will set the status to 'failed' if the archive is unsupported, corrupt, or not there at all.
SR-D29485 · Issue 503512
Enhancement added to modify URL encryption for load testing
Resolved in Pega Version 8.3.1
An enhancement has been added which allows conditionally modifying URL encryption for load testing. This uses the flag crypto/useportablecipherforurlencryption: if true, a portable hardcoded key is used to encrypt the URLs and if false, a dynamically generated key per thread/requestor is used to encrypt the URL.
SR-D29127 · Issue 506862
SAML data pages restored after passivation
Resolved in Pega Version 8.3.1
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as read-only, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D41482 · Issue 507883
SAML data pages restored after passivation
Resolved in Pega Version 8.3.1
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as read-only, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D28460 · Issue 509364
Added timeout handling for non-PRAuth servlets
Resolved in Pega Version 8.3.1
After logging in via external authentication service (SAML Single Sign On) and setting up a timeout in the access group RuleForm, when the user performed any action and the server identified the request to be timed-out, it was expected that a SAML request would be sent from the browser to the external Authentication Server (referred as IDP) and the flow would proceed from there. This worked as expected for a non-AJAX request. To resolve this, handling has been added for timeout when using non-PRAuth authentication services.
SR-D37872 · Issue 507340
prproductmigration build.gradle updated for new mime4j asset name
Resolved in Pega Version 8.3.1
While running the getMigrationLog for ProductMigration script provided in the Pega 8.2.2 media files, errors appeared referencing "NoClassDefFoundErrors when running getLogs". This was caused by the referenced class not being found on the classpath: the version of the included jar did not include the class needed due to Praxiom's default version being updated to use a new version of mime4j that required an asset name change. To resolve this, the mime4j asset name in prproductmigration build.gradle has been updated to pick up the correct version of the dependency for Praxiom.
SR-D41637 · Issue 512268
Mashup URLs will include thread name for better passivation recovery
Resolved in Pega Version 8.3.1
Mashup screens were distorted after keeping the screen idle for more than 1 hour and then trying to switch between accounts. Investigation showed that during SSO authentication the relaystate generated without including thread name in the URL, leading to the threadname not being passivated or made available during reactivation. To resolve this, the thread name will now be included in the URL.
SR-D42602 · Issue 511583
PRCipher class references updated
Resolved in Pega Version 8.3.1
After upgrade, starting Tomcat resulted in the error "java.lang.ClassCastException: com.pega.platform.securitycore.encryption.internal.CipherDefault cannot be cast to com.pega.pegarules.exec.external.util.crypto.PRCipher"This was traced to an issue with the references for PRCipher: cipher was moved to be a security-core component, but the class structure changes were not fully updated. This has been corrected.
SR-D44307 · Issue 509000
Refined dependency checking for Hotfix Manager
Resolved in Pega Version 8.3.1
The logic in Hotfix Manager was changed in 8.3 to include all Strategic Application hotfixes in the Catalog for platform versions 7.4+. However, because there are some edge cases where multiple hotfixes for different strategic application products have been shipped with the same rule changes, it was found that a DL packaged for one application could pick up hotfixes intended for another app. This prevented the DL from installing on systems where both apps were not installed. To avoid picking up these additional hotfixes, while the catalog shipped in the DL will continue to contain all apps, the system has been updated to use only a list of selected products when generating a catalog for calculating dependencies.