Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

SR-119800 · Issue 177840

Security policy transaction mismatch error resolved

Resolved in Pega Version 7.1.8

If security policies are enabled, logging out and then logging in prompts a password change. If the password was changed and then the page was refreshed, a transaction mismatch error occurred. This was caused by incomplete clearing of the password setting transaction, and the system has been updated to properly switch transactions.

SR-123636 · Issue 184161

Trojan horse protection auto-enabled

Resolved in Pega Version 7.1.8

The authentication/trojanhorseprotection previously defaulted to NEVER, creating a security vulnerability. The trojanhorseprotection setting now defaults to external.

SR-123636 · Issue 181701

Trojan horse protection auto-enabled

Resolved in Pega Version 7.1.8

The authentication/trojanhorseprotection previously defaulted to NEVER, creating a security vulnerability. The trojanhorseprotection setting now defaults to external.

SR-124473 · Issue 186179

Added handling for unauthenticated asynchronous SOAP service

Resolved in Pega Version 7.1.8

After implementing changes to work around an error with SOAP authentication, the unauthenticated asynchronous SOAP service generated an error and failed to complete. This was due to the changes to the authentication process omitting the asynchronous mode case when a SOAP service that intended to not use authentication ends up calling a sub-activity that requires authentication. This use case is now covered.

SR-126719 · Issue 177348

Added fallback keyinfo handling

Resolved in Pega Version 7.1.8

When a SAML assertion response is received in the authentication activity, an error indicated the KeyInfo was missing in the signature. This was caused by a lack of redundancy in the keyinfo handling that caused an exception when keyinfo was not included in the SAML response. Support has now been added to check the certificate in the truststore where the certificate from IDP metadata would have been imported, and there is an added null check in the debug logs.

SR-126719 · Issue 178793

Added fallback keyinfo handling

Resolved in Pega Version 7.1.8

When a SAML assertion response is received in the authentication activity, an error indicated the KeyInfo was missing in the signature. This was caused by a lack of redundancy in the keyinfo handling that caused an exception when keyinfo was not included in the SAML response. Support has now been added to check the certificate in the truststore where the certificate from IDP metadata would have been imported, and there is an added null check in the debug logs.

SR-128463 · Issue 193907

Create KeyRing updated for split schema

Resolved in Pega Version 7.1.8

If a command line script is configured (viz. keyringGen.sh) to encrypt user passwords for prconfig.xml databases using Keyring utility, a prconfig.xml could have three database entries but the keyring tool only prompted for two databases and did not allow encrypting password for the user for the third database. The prconfig.xml file requires very specific location information to run: to resolve this, the variables to hold schema name in case of split schema configuration have been added.

INC-150317 · Issue 625881

Certificate updates handled across nodes

Resolved in Pega Version 8.4.5

An SSL handshake exception was occurring when running a Connect-REST call automatically from the flow as a background process on a background processing node. The same Connect-REST worked fine when run manually. The exception detailed the issue as "SSLHandshakeException: java.security.cert.CertificateException: None of the TrustManagers allowed for trust of the SSL certificate(s) provided by the remote server to which this client attempted a connection." This was traced to a pulse change scenario where the reloading of the certificates was not happening on all the nodes after adding a new certificate or deleting a certificate. This has ben resolved by adding the DATA-ADMIN-SECURITY-CERTIFICATE class into the UpdatesCacheUtils.java class.

INC-155276 · Issue 622815

Null check added for step page

Resolved in Pega Version 8.4.5

After creating and adding new Access Roles and application 'Access When' to the privileges instead of Production level, during run time the error "runtime.IndeterminateConditionalException: Trying to evaluate Rule-Access-When conditions L:IsProdAccess when there is no page to evaluate them against" appeared for the specific privileges. This was traced to a missed use case where the system falls back to the step page if the page for evaluating the 'when' condition is null, which did not account for scenarios where the step page can be null. To resolve this, a null check has been added which will fetch the primary page if the step page for the access 'when' condition is null.

INC-155813 · Issue 629504

SAML SSO redirects to correct URL when application and authentication aliases match

Resolved in Pega Version 8.4.5

Whenever there was a match in the authentication service alias and the application alias, the application alias was replaced with empty after logoff instead of making the authentication service alias empty. For example, given an authentication service with the alias XYZ ("login with XYZ" alias option) and an application name XYZMyOps, the application alias was being changed from XYZMyOps to appMyOps after logoff. As a result, a blue screen error resulted when clicking on button "login with XYZ" again because it redirected to appMyOps, which didn't exist. This has been resolved by removing authservicealias and modifying AuthServiceAliasHelper.adjustPathIfAuthServiceAliasPresent() to change the method for calculating the pathinfo to string tokenizing.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us