SR-D48396 · Issue 520423
Hazelcast upgraded to resolve node startup issue
Resolved in Pega Version 8.2.6
Post data upgrade, the ADM tier failed to start and the error "java.lang.IllegalStateException: Node failed to start!" appeared. This was traced to a dormant bug in Hazelcast 3.11 that caused starting nodes to fail when the Hazelcast master node was shutting down, which was exposed by recent Pega changes made to enable parallel restarts of nodes in Cloud environments. Hazelcast delivered a fix for the parallel restart problem and the hotfixed jar has been merged into the platform. In addition, previous logic for loading Admin Studio waited 30 seconds before timing out when fetching information for each node. This caused issues with large clusters and Admin Studio not loading. The logic has been updated in the Admin Studio UI to load the page despite delays/issues waiting for nodes to respond to the gathering of cluster data, and the algorithm to detect remote-call timeout has been updated and is applicable to batch operation.
SR-D48433 · Issue 514857
Exception handling added for Redirect URL fetched from GRS
Resolved in Pega Version 8.2.6
When the application definition under “integration and security" tab was configured to use "Store in web storage provider" to allow choosing the storage name and the authentication profile, configuring the authentication profile to use an OpenID connect provider with the pyEndpointURL property given as a global resource setting such as (=D_SharepointDetails.url) was not working as expected. Clicking browse in the application definition sent the request to the OpenID connect provider and was returned with the error "The reference =D_SharepointDetails.url is not valid. Reason: Page name (D_SharepointDetails) from indirect reference was not found." This was traced to the Redirect URL (fetched from GRS) throwing an unhandled exception, and has been resolved.
SR-D48762 · Issue 518298
Enhancement added to support DB2 CREATE OR REPLACE view syntax
Resolved in Pega Version 8.2.6
After creating the product, attempting to import it on another environment failed due to incompatibilities with the syntax. In SQLGeneratorDb2.getViewSourceStatement(), when the View definition is fetched there is a check whether the view starts with "CREATE VIEW". Since the customer view of "CREATE OR REPLACE" was not supported in Db2LUW, it didn't match and appended the "CREATE VIEW" statement again. This happened only when using DB2, and has been resolved by updating the logic in SQLGeneratorDb2.getViewSourceStatement() to support CREATE OR REPLACE VIEW statements.
SR-D49804 · Issue 518226
Hierarchical view support added for moving packages
Resolved in Pega Version 8.2.6
After exporting a package from a DEV environment, attempting to import it to a TEST environment resulted in the query becoming corrupted and the process failing. This was traced to the regex used to fetch the select statement table name not supporting hierarchical views, and has been resolved by adding that support.
SR-D51324 · Issue 523434
Authentication state refreshed after failure in mobile
Resolved in Pega Version 8.2.6
When using the mobile app, if the log in was started and incorrect credentials or empty fields were submitted and then the credentials screen was X-ed out or canceled, attempting to log in again using the correct information still received the "Authentication failed" error. A subsequent attempt with the correct credentials would then work. This was traced to the server persisting the state from the first request (per browser session), and has been resolved.
SR-D53835 · Issue 524213
Handling added for custom authentication in embedded mashup
Resolved in Pega Version 8.2.6
After embedding the Mashup gadget in an external application, at browser refresh a Cross-Origin Read Blocking (CORB) warning appeared and the gadget did not load as expected. A second refresh cleared the error. Investigation showed that when custom authentication is configured, 'use SSL' is checked in Authentication service. That meant that when the user was authenticated, the redirection was not considering the query string entered before authentication and the CORB warning was issued due to a change in response. Because there is special handling for the above use case and post-authentication redirection does not happen through the normal flow (HttpAPI), this issue has been resolved by honoring the query string stored in requestor (entered by user) while redirecting.
SR-D54319 · Issue 532527
API added to sync presence with requestor to clear inactive operator sessions
Resolved in Pega Version 8.2.6
An intermittent error message was seen indicating the maximum number of active sessions for the current operator had been reached even though there were not multiple logins and there was no requestor displayed in the requestor management landing page. This was traced to sessions that were not properly closed and cleared, and has been resolved by exposing an API that will sync the presence record with the requestor state so inactive sessions will be cleared.
SR-D55160 · Issue 520355
Namibia and Botswana added to Currency Symbol values
Resolved in Pega Version 8.2.6
Support has been added for the Namibia (en_NA) and Botswana (en_BW) locales in the default Currency Symbol values.
SR-D55449 · Issue 523502
Cross-site scripting protection added to layout runtime java and whitelist validation available for host/XFHost
Resolved in Pega Version 8.2.6
In order to protect against Cross-site scripting issues, filtering has been added to the RepeatDynamicIndex parameter value in layout runtime java. In addition, a validation for X-Forward-Host value has been added which will be read from a local configuration. This is in the form of a white list regex filter for the host/XFHost header to ensure the URL's actions cannot be redirected.
SR-D56063 · Issue 522858
Hazelcast upgraded to resolve node startup issue
Resolved in Pega Version 8.2.6
Post data upgrade, the ADM tier failed to start and the error "java.lang.IllegalStateException: Node failed to start!" appeared. This was traced to a dormant bug in Hazelcast 3.11 that caused starting nodes to fail when the Hazelcast master node was shutting down, which was exposed by recent Pega changes made to enable parallel restarts of nodes in Cloud environments. Hazelcast delivered a fix for the parallel restart problem and the hotfixed jar has been merged into the platform. In addition, previous logic for loading Admin Studio waited 30 seconds before timing out when fetching information for each node. This caused issues with large clusters and Admin Studio not loading. The logic has been updated in the Admin Studio UI to load the page despite delays/issues waiting for nodes to respond to the gathering of cluster data, and the algorithm to detect remote-call timeout has been updated and is applicable to batch operation.