SR-B42009 · Issue 304044
Authentication timeout smoothed for re-login
Resolved in Pega Version 7.3
If custom authentication was used with a stream specified to enter credentials upon authentication timeout, re-login failed after the timeout. This was traced to two issues: first, the custom configuration defaulted to using the out-of-the-box stream "Web-TimeOut", which expects the password to be in base64 encoded format and so attempts to base64 decode it. This caused an authentication failure. Second, when restarting with authentication instead of a timed-out request, the starting activity of operator was being executed and the portal was rendered unexpectedly. To resolve this, the object references needed for the successful resumption will be cloned when there is authentication timeout and used for redirection upon successful authentication.
SR-B43182 · Issue 301518
pzSUS Param properly URLEncoded
Resolved in Pega Version 7.3
The Tomcat 8+ server was rejecting DWA URLs due to characters such as {,} that it considered to be unsafe. These characters were introduced by pzSus key in the URL, and these values will now be encoded for the browser to resolve these issues.
SR-B44199 · Issue 300058
Fixed Access Control Policy in Assign- classes
Resolved in Pega Version 7.3
An error was generated when attempting to create an Access Control Policy in Assign- classes. This was due to a missing use-case, and has been corrected.
SR-B44199 · Issue 299984
Fixed Access Control Policy in Assign- classes
Resolved in Pega Version 7.3
An error was generated when attempting to create an Access Control Policy in Assign- classes. This was due to a missing use-case, and has been corrected.
SR-B44199 · Issue 297134
Fixed Access Control Policy in Assign- classes
Resolved in Pega Version 7.3
An error was generated when attempting to create an Access Control Policy in Assign- classes. This was due to a missing use-case, and has been corrected.
SR-B6669 · Issue 279329
XSS filters added to UI rulesets
Resolved in Pega Version 7.3
XSS filters have been added to pyCaseActionArea and pyAssignmentsLabel in Pega-EndUserUI and UIKit rulesets.
SR-D86011 · Issue 548152
Browser fingerprint validation issue resolved
Resolved in Pega Version 8.3.3
After upgrade, Pega logoff was happening automatically within five minutes while using Microsoft Internet Explorer. This was traced to the COSMOS-based portal in Microsoft Internet Explorer 11 generating different hashes for different parts of the screen, causing a "Browser fingerprint validation failed" error because of the pzBFP token mismatch. To resolve this, an update has been made to exclude the graphic components for calculation of browserfingerprint.
SR-D96395 · Issue 555117
CDK key loading modified for better database compatibility
Resolved in Pega Version 8.3.3
Users were unable to log on to the system and received the error "There has been an issue; please consult your system administrator." Investigation showed the log errors stating "(dataencryption.DataKeyProvider) ERROR localhost - Could not get CDK from systemKeyManagementCache - System CDK is null". This was an issue specific to the MS SQL Server database when there were 6 or more CDKs in the database: CDK keys are loaded from database into Cache using an SQL statement which had the ORDER clause. By default, the ORDER clause treats NULL values differently on different databases, and this caused MS SQL databases to not load a necessary CDK key. To resolve this, the SQL query has been modified so the result will be the same for all supported daatbases (Oracle, Postgres & MS SQL Server).
SR-D79181 · Issue 551123
OKTA receives parameters on logout
Resolved in Pega Version 8.3.3
When using an OIDC logout endpoint with a parameter set as a data page value, the data page retrieved the ID Token from the database, but when logout was clicked the datapage name was being displayed in the browser instead of the IDToken. To resolve this, code has been added to support sending ID token parameters for logoff endpoint for OKTA logoff using OpeniD connect.
SR-D64566 · Issue 547513
Option added for redirect to SAML IDP on logout
Resolved in Pega Version 8.3.3
An enhancement has been added which provides a check box to choose to redirect to SAML IDP on logout from Pega.