INC-219161 · Issue 724834
OAuth token handling updated for integrated service
Resolved in Pega Version 8.8
After implementing Webex integrations (appointments & spaces), authorization issues were seen with the error "Cannot retrieve tokens for [email protected] as the logged session is with [email protected]". This was an issue relating to operator validation from requestor page, and has been resolved.
INC-219566 · Issue 721288
Handling updated for CSRF in queue processor trace
Resolved in Pega Version 8.8
The field level audit on properties was intermittently not being shown on the Audit history table for the first time for some users. This has been resolved by modifying the queue processor trace to better handle CSRF tokens.
INC-221019 · Issue 725148
Modified timestamp query used by ClusterAndDBCleaner
Resolved in Pega Version 8.8
The job pyClusterAndDBCleaner was failing with the error "ORA-01861: literal does not match format string". This was traced to the sub-activity pzClearOldQueueProcessorBrokenMessages which was not able to remove broken items with encryption in an upgraded environment due to an incorrect timestamp format passed to the Oracle database. This has been resolved by modifying the query to use a timestamp built using INativeSqlBuilder which will include only the information necessary for the deletion of the item.
INC-222107 · Issue 732995
Trim added to refresh token request to handle extra spaces
Resolved in Pega Version 8.8
The request was failing when attempting to obtain an access token using refresh token when the previous access token was expired. This issue was due to an extra space in the scope in AuthenticationServiceOIDCSource.java, which has been corrected with an update which will trim the scope.
INC-223376 · Issue 723996
JMX authentication enabled by default for embedded Kafka and Cassandra
Resolved in Pega Version 8.8
For on-premises clients, a potential vulnerability for a Remote Code Execution using the JMX interface on Cassandra and Kafka using exposed network ports has been mitigated by enabling JMX authentication by default for embedded Kafka and Cassandra.
INC-223376 · Issue 736082
Override added to delete records for a stream dataset after processing
Resolved in Pega Version 8.8
Kafka data was accumulating for a Stream data set due to huge volume of inbound calls. This has been resolved by adding support to override pyDeletedProcessed through a DASS in order to remove the records for a particular stream dataset (topic) as soon as they are processed by Pega.
INC-224954 · Issue 727045
Enabled turning off general metrics when queue processing metrics are disabled
Resolved in Pega Version 8.8
A memory leak related to QPGeneralMetrics was consuming heap and causing performance issues. Investigation showed queue processor metrics were gathered even when disabled. To resolve this, turning off "General Metrics Handler" while turning off the QPGeneralMetrics has been enabled. Queue processors should now skip the process of collecting general metrics while running activities. This will prevent storing unused (and uncleared) metrics in memory and prevent heap exhaustion.
INC-225519 · Issue 724399
Improved handling for thread resolution issues
Resolved in Pega Version 8.8
Queue Processor/Dataflow was moving to STOPPED state due to failed records in its execution. Investigation showed there was a minor logic issue in the queue processor activity which allowed the Page-Remove step to be called even before the pages were actually created, and this has been resolved by improving the recovery from a cleared ThreadContainer which might cause thread resolution issues.
INC-226163 · Issue 731632
Override added to delete records for a stream dataset after processing
Resolved in Pega Version 8.8
Kafka data was accumulating for a Stream data set due to huge volume of inbound calls. This has been resolved by adding support to override pyDeletedProcessed through a DASS in order to remove the records for a particular stream dataset (topic) as soon as they are processed by Pega.
INC-227812 · Issue 733965
Service SOAP outflow response supports RSA_SHA256 & RSA_SHA384
Resolved in Pega Version 8.8
When service SOAP was configured in Pega WS-Security Profile with with outflow as signature and the signature method selected as RSA_SHA256, the response from service SOAP was still RSA_SHA_1 and the digest method was SHA_256. This has been resolved by updating WS-Security Profile to support RSA_SHA256 & RSA_SHA384 in service SOAP outflow response.