SR-D66222 · Issue 529635
Tracer expiration set for five minutes
Resolved in Pega Version 8.2.6
Tracer was not terminating on tracer window closure. On the next attempt to open a trace, a message appeared stating "Cannot Launch Multiple Tracer Sessions for a requestor. This requestor is being traced by operator". Tracer session termination was dependent on the browser executing code on window close. Because this event may not be triggered for number of reasons, updates have been made to set tracer session expiration at 5 minutes. In addition, the system will clean up expired sessions before checking for existing sessions.
SR-D70569 · Issue 538508
Tracer retains modified user settings
Resolved in Pega Version 8.2.6
User settings in tracer were not shown when the settings window was closed and reopened. Investigation showed that settings are filtered based on watchInsKey, but this parameter was passed as "null" for global tracer because of a missing condition to check the session type. This has been resolved by adding a check so the WatchInsKey parameter is passed if the session type is rule watch.
SR-D72636 · Issue 536088
Added handling for Authorization Server login loop
Resolved in Pega Version 8.2.6
When the Authorization server returned an error, it was redirecting back with error, error_description, and parameters. The system then tried to start the login process again, the same error parameters were returned again, and it continued to loop this way. To resolve this issue, handling has been added for this error scenario from the Authorization Server.
SR-D73002 · Issue 535257
URL Encryption and Obfuscation made compatible with site-minder
Resolved in Pega Version 8.2.6
Attempting to download a Mobile App from the Build Server resulted in an error. This was traced to Cipher text using URLEncryption: URLEncryption uses a Pega-supplied base64 to encode the cipher text with MIME type encoding by default, which adds newline character after every 72 characters. This is not compatible with site-minder. which has policies to restrict newline characters in the URL. As a result, none of the encrypted requests were being processed. To resolve this, post-processing logic has been added to remove newline characters from encoded text. This change has also been applied top URLObfuscation.
SR-D74848 · Issue 536999
Updated key handling for ProcessJWT
Resolved in Pega Version 8.2.6
After configuring an authentication service which used the ProcessJWT activity to validate the token received, the error "Unable to process the Json Web Token " was seen. Analysis showed the error was caused by a duplicate Key Id in JWK Endpoint Response: the system removed keys after processing, and in the case of duplicate keys the system was throwing null pointer exception because the key had already been removed. To resolve this, the system has been updated to not remove the keys from the map as part of this process.
SR-D75053 · Issue 540912
Corrected Agent schedule time conversion
Resolved in Pega Version 8.2.6
After upgrade, a mismatch between the agent configuration and schedule was seen, causing an agent scheduled at 6PM Europe/London time to execute at 6AM Europe/London instead. Analysis of the Agent schedule rule showed that if the pyStartAmPm property was empty, the internal code miscalculated the AM_PM string as AM. That meant that if an agent was configured with 24 hour clock format and was set to run at 18:00 hrs, it executed at 6AM. The workaround for this issue involved resaving the agent, triggering the data transform pzSetStartAmPm to correct the field pyStartAmPm, but the issue has been corrected by adding handling for the pyStartAmPm == "" corner case.
SR-D75431 · Issue 544197
DMaps cleared to set correct JobScheduler next run time
Resolved in Pega Version 8.2.6
When items were added into a QP, the items shown under Scheduled and weren't being processed immediately. Investigation found that the job scheduler which fetched the entries for QP to process wasn't running as expected, and the "Next run" time stamp for JS was incorrectly populated and entries weren't being fetched at all. To correct this, updates have been made to clear entries in DMap belonging to the node during shutdown and from the membership listener so the correct next run time is set.
SR-D75498 · Issue 545069
Resolved null-pointer exception for Token based Authenticated Rest
Resolved in Pega Version 8.2.6
When logging in with auth0 OIDC auth service and then trying to use connect-Rest with an authentication profile using an auth0 provider, a null pointer error was generated indicating connect-Rest could not find the Access token. Even thought the Authentication service (OIDC) and authentication profile (authorization grant) both had the same scopes (“openid profile email”), OIDC flow and authentication profile save the Access Token with different scopes. Specifically, OIDC saves the token with an extra trailing space. Handling has been added to correct this.
SR-D76409 · Issue 540300
Cleanup added for staging directory
Resolved in Pega Version 8.2.6
Temporary files from imports and exports (from DevOps) were filling up the staging area disk space because there was no automatic process for cleaning up these local files. This has been resolved by adding an enhancement that will clear the directory on Engine Startup and any time ParUtils.setStagingDirectory gets called to initialize the staging directory.
SR-D76567 · Issue 545448
ABAC DSS setting reflected in all nodes
Resolved in Pega Version 8.2.6
When the ABAC (Attribute-based access control) DSS was disabled, the change was not reflected in all the nodes automatically. This was traced to a difference in parameter name: SecurityCacheProvider.pulseChange(), while consuming pulse message on another node, expects to get ".pyPurpose" from the StringMap. Because the system was setting "pyPurpose", aKeys.get(".pyPurpose") returned nothing, and the policy cache iwa not cleared on other nodes. This has been resolved by ensuring naming consistency with "pyPurpose".