INC-85195 · Issue 567389
Search timeout made more consistent
Resolved in Pega Version 8.4.2
Perform a global search was not honoring a time out set to 5 seconds. This was due to inconsistent application of enforcing the timeout because the values were kept in different ways for different functions. To resolve this, timeout keeping for searching has been reworked and made more consistent so that searching will use a custom timeout if it is contained in the report definition and will otherwise fall back to using the appropriate DSS settings for Embedded Elasticsearch, External Elasticsearch, and Search & Reporting Service.
SR-D90400 · Issue 563188
Explicit parent added for descendants in subreport to correct summary
Resolved in Pega Version 8.4.2
When using a Report Definition with a Summarize column and a subreport with join class, it was not considering implementation class work objects. As a result, the prepared values were only partially computed. This was traced to the SubReport in SetQuery not having reference to a parent for the descendants classes, and has been resolved by explicitly setting the parent value.
SR-D98736 · Issue 563546
Report Definition returns ElasticSearch with parameter in the filter
Resolved in Pega Version 8.4.2
When using a parameter reference in the filter of a Report Definition with a datapage sourced by a Report Definition, ElasticSearch did not return any results if the checkbox "use null if empty" was selected for the filter, but unchecking this checkbox caused a severe warning. Investigation showed that when the checkbox was selected and there was no default value provided for the parameter in the Report Definition, the query formed had no check for a parameter value and the value in the datapage was ignored. This was traced to the operator in the Report Definition filter being overridden during the Report Definition save with the operator type changing from EQUALTO to ISNULL. This has been resolved by adding code changes to verify whether the Report Definition is in validation mode before applying changes.
SR-D81496 · Issue 547171
Data Social tag class FTS index query improvements
Resolved in Pega Version 8.4.2
A query intended to select from the link tag table to see if any cases were linked to the tag in question and then index the tag change was causing performance issues. Investigation showed that checking tag associations during FTS indexing fetched all matching rows from the table even though one was sufficient. To resolve this, the query will be created with max result count = 1, fetching up to 2 rows from the table.
SR-D91949 · Issue 552173
Improved search for instances with null property values
Resolved in Pega Version 8.4.2
OneOf filters for a newly introduced property were failing when applied to elasticsearch query. Investigation showed that because a property is created only when the system encounters an instance with a non-empty value for the first time, none of the instances had a value for this property and hence mapping was not generated in elasticsearch. To facilitate searches, an update has been made that will populate a value in one of the instances belonging to the class type so that elasticsearch mapping is generated during indexing of the instance.
SR-D93561 · Issue 558675
Report Definition now searches encrypted properties
Resolved in Pega Version 8.4.2
When using a section in table sourced from a report definition where one of the filter condition properties used was an encrypted property, running the report gave the correct result based on the filter condition but running the case and passing the encrypted property as a parameter to search did not produce the correct result. No data was displayed in the table sourced from the report definition. Because the encryption was done on the parameter string but not the value referenced by parameter, when a report definition is used as a data source for a table, the filter applied on an encrypted property is dropped in the final SQL statement that's generated, leading to incomplete or wrong results to the report. This has been resolved by moving the encryption logic to RuntimeResolver.
INC-118838 · Issue 560694
OKTA receives parameters on logout
Resolved in Pega Version 8.4.2
When using an OIDC logout endpoint with a parameter set as a data page value, the data page retrieved the ID Token from the database, but when logout was clicked the datapage name was being displayed in the browser instead of the IDToken. To resolve this, code has been added to support sending ID token parameters for logoff endpoint for OKTA logoff using OpeniD connect.
INC-118927 · Issue 571492
Resolved OAuth2 mobile app loop
Resolved in Pega Version 8.4.2
When a Pega OAuth2 authorize endpoint was invoked and the redirect URI contained "app", a loop was created where the system attempted to fetch the app alias from the state parameter value and was redirected back to itself. This could sometimes result in inconsistent mobile app styling. Investigation showed that a certificate with keyword app that was picked for the redirect URI could have the key word assumed to be the app alias context, so a workaround was to remove the app keyword. To resolve the issue, the system has been updated to look for the app alias only in the state parameter rather than perform a string contains check on the entire query string.
INC-125095 · Issue 560831
SAML authreqcontext duplicate key exception logging changed to debug
Resolved in Pega Version 8.4.2
As part of work done to improve the performance of the pr_data_saml_authreqcontext table during the SAML flow, the duplicate key exception handing was creating a large number of unique constraint log messages while saving sessionInfo to the database during SAML authentication if ADFS was used because the ADFS provider session Info is always blank. This has been resolved by changing the log statement in the duplicate key exception handling to debug.
INC-125429 · Issue 561892
OKTA receives parameters on logout
Resolved in Pega Version 8.4.2
When using an OIDC logout endpoint with a parameter set as a data page value, the data page retrieved the ID Token from the database, but when logout was clicked the datapage name was being displayed in the browser instead of the IDToken. To resolve this, code has been added to support sending ID token parameters for logoff endpoint for OKTA logoff using OpeniD connect.