SR-D61967 · Issue 528215
Updated key handling for ProcessJWT
Resolved in Pega Version 8.3.2
After configuring an authentication service which used the ProcessJWT activity to validate the token received, the error "Unable to process the Json Web Token " was seen. Analysis showed the error was caused by a duplicate Key Id in JWK Endpoint Response: the system removed keys after processing, and in the case of duplicate keys the system was throwing null pointer exception because the key had already been removed. To resolve this, the system has been updated to not remove the keys from the map as part of this process.
SR-D63232 · Issue 524294
Support added for Authentication service rule attributes in embedded pages
Resolved in Pega Version 8.3.2
SSO login was not working, giving the error "Unable to process the SAML WebSSO request : No value specified for Attribute in SAML assertion". Investigation showed the Authentication service rule could only map attributes that are on the top level page and did not consider embedded page values. To resolve this, tools.getProperty will be used to fetch the property reference value instead of find Page and getString.
SR-D63668 · Issue 525478
Access Control Policy updated to handle NotEqual with valuelist
Resolved in Pega Version 8.3.2
When editing the Access Control Policy Condition rule in Designer Studio and setting condition to 'is not equal', comparing it to a list generated the error "function not found". The same configuration worked as expected for the 'is equal' condition. This has been resolved by updating policycondition to handle a not equal scenario combined with a valueList property.
SR-D63681 · Issue 527382
Localization added to login page messages
Resolved in Pega Version 8.3.2
Localization has been added to the messages that appear on the login and forgot password screens.
SR-D63727 · Issue 531723
Authorization header base 64 format error recategorized as debug logging
Resolved in Pega Version 8.3.2
Numerous messages were generated indicating that the Authorization Header format was invalid when using the format " : " (Base64 Og==) . As this is the default behavior for a particular class of proxy servers, the error statement has been updated to be logged as a debug statement and will be visible only when that logging is enabled.
SR-D64408 · Issue 530280
Stacktrace will be generated for oLog errors
Resolved in Pega Version 8.3.2
In order to provide improved diagnostics, oLog errors will print stacktraces.
SR-D66222 · Issue 529634
Tracer expiration set for five minutes
Resolved in Pega Version 8.3.2
Tracer was not terminating on tracer window closure. On the next attempt to open a trace, a message appeared stating "Cannot Launch Multiple Tracer Sessions for a requestor. This requestor is being traced by operator". Tracer session termination was dependent on the browser executing code on window close. Because this event may not be triggered for number of reasons, updates have been made to set tracer session expiration at 5 minutes. In addition, the system will clean up expired sessions before checking for existing sessions.
SR-D66521 · Issue 536138
Logout Redirect updated to handle special characters in IDP parameters
Resolved in Pega Version 8.3.2
When using "HTTP Redirect" in Authentication Service, the Logout Redirect service was failing due to the query parameter name containing "_" (underscore). This was traced to IDP sending parameters to assertion consumer service or logout request endpoint with names which contained any special characters, as the system was trying to put those key values on the parameter page for additional processing. To resolve this, the system has been updated to suppress exceptions when the parameters from IDP includes special characters.
SR-D67945 · Issue 529718
PDC JMS Listener accesses conversion of tenant hash to tenant name
Resolved in Pega Version 8.3.2
A new API method has been added for the PDC JMS listener to access getTenantNameFromTenantHash().
SR-D70569 · Issue 538507
Tracer retains modified user settings
Resolved in Pega Version 8.3.2
User settings in tracer were not shown when the settings window was closed and reopened. Investigation showed that settings are filtered based on watchInsKey, but this parameter was passed as "null" for global tracer because of a missing condition to check the session type. This has been resolved by adding a check so the WatchInsKey parameter is passed if the session type is rule watch.