INC-135874 · Issue 583414
Added handling for password containing a colon on Pega Client for Windows
Resolved in Pega Version 8.2.8
If a password included a colon (:), it was possible to log in on the desktop but not Pega Client for Windows. This was due to authentication files specific to the Windows mobility client, and handling has been added to resolve the issue.
INC-137516 · Issue 592455
Invalid redirect URI logging changed from error to warn
Resolved in Pega Version 8.2.8
The Pega Mobile client was reporting an Invalid redirect URI error triggered by the OOTB AuthorizationService. This warning is not an error, and the log method has been changed form error to warn.
INC-137709 · Issue 584289
New security role added to restrict access to development-specific classes
Resolved in Pega Version 8.2.8
A new security role and related RAROs have been implemented to allow better security for end users on non-BAC systems. This restricts access to Rules and execution of activities on classes that are development-specific.
INC-144597 · Issue 598306
Updated handling for MT query of pr_data_admin table
Resolved in Pega Version 8.2.8
When using a multi-tenant environment with Oracle, as the number of users in the environment increased, the number of queries of the pr_data_admin table "WHERE pyEnableAuthService" increased exponentially and causes system slowness. This was traced to missed handling for the @ character in the authentication service cache while requesting, and has been resolved by updating authservicecache.java.
INC-145694 · Issue 601295
Property check handling updated for Ajax requestor
Resolved in Pega Version 8.2.8
SECU0001 alerts were seen when submitting a case in the interaction portal. Logging indicated the errors were related to the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties which are included in an Ajax request when they exist in the DOM and the 'pyGeolocationTrackingIsEnabled' when rule is true. The error was traced to a condition where a new thread request results in an unexpected property check that encounters a clipboard which doesn't have any pages created for that thread. To resolve this, the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties have been added to an allow list to handle the unexpected properties check.
INC-142648 · Issue 594805
PRTraceServlet security check added
Resolved in Pega Version 8.2.8
Modifying the Pega application URL with PRTraceServlet displayed multiple user credentials and session information. This has been corrected with the addition of a privilege check in GetConnectionListCommand before allowing the connections list to be fetched.
INC-128342 · Issue 594185
Improved cleanup for adm_response_meta_info
Resolved in Pega Version 8.6
The adm_commitlog.adm_response_meta_info column family was growing, leading to gradual increase in CPU utilization on the Adaptive Decision Management (ADM) nodes over time. Investigation showed that the compaction on the adm_response_meta_info table was not being triggered by the ADM service, and the compaction did not remove rows that belonged to models that had been deleted. To resolve this, compaction of the adm_response_meta_info table has been moved from the ADM client nodes to the ADM service nodes, which will correctly trigger the compaction on a predefined schedule. The compaction logic has also been refactored to remove rows that belong to models that have been deleted.
INC-136634 · Issue 591679
Thread contention resolved for InteractionHistoryQuery
Resolved in Pega Version 8.6
High thread contention was observed while running Inbound load tests. This was traced to pzLoadInteractionHistory invoking a generated strategy to retrieve ihFields from InteractionHistoryQuery using the getUsedInteractionHistoryFields() method: because this method is synchronized, it caused a bottleneck. To resolve this, the synchronized methods have been replaced with the appropriate data structures.
INC-136969 · Issue 585547
Section and Paragraph rule types added to Revision Manager
Resolved in Pega Version 8.6
An enhancement has been made to add support for section and paragraph rule types in revision management. With this change, the sections and paragraph rule types can be added to overlay and can be added to change requests and modified.
INC-138037 · Issue 586595
Strategy handling updated for very large systems using IH summary
Resolved in Pega Version 8.6
When a Strategy in a Real-time dataflow used IH Summary on a system with more than 5000 groups for one eventKey, the message "Error retrieving aggregates from Cassandra KVS" intermittently appeared. Investigation showed that if the number of result rows was greater than the FETCH_SIZE (set to 5000), it meant another read to Cassandra was required and an exception was generated. To resolve this, updates have been made so that instead of returning maps, the system will return iterators and change them to map on the calling thread.