Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

INC-150317 · Issue 625881

Certificate updates handled across nodes

Resolved in Pega Version 8.4.5

An SSL handshake exception was occurring when running a Connect-REST call automatically from the flow as a background process on a background processing node. The same Connect-REST worked fine when run manually. The exception detailed the issue as "SSLHandshakeException: java.security.cert.CertificateException: None of the TrustManagers allowed for trust of the SSL certificate(s) provided by the remote server to which this client attempted a connection." This was traced to a pulse change scenario where the reloading of the certificates was not happening on all the nodes after adding a new certificate or deleting a certificate. This has ben resolved by adding the DATA-ADMIN-SECURITY-CERTIFICATE class into the UpdatesCacheUtils.java class.

INC-155276 · Issue 622815

Null check added for step page

Resolved in Pega Version 8.4.5

After creating and adding new Access Roles and application 'Access When' to the privileges instead of Production level, during run time the error "runtime.IndeterminateConditionalException: Trying to evaluate Rule-Access-When conditions L:IsProdAccess when there is no page to evaluate them against" appeared for the specific privileges. This was traced to a missed use case where the system falls back to the step page if the page for evaluating the 'when' condition is null, which did not account for scenarios where the step page can be null. To resolve this, a null check has been added which will fetch the primary page if the step page for the access 'when' condition is null.

INC-155813 · Issue 629504

SAML SSO redirects to correct URL when application and authentication aliases match

Resolved in Pega Version 8.4.5

Whenever there was a match in the authentication service alias and the application alias, the application alias was replaced with empty after logoff instead of making the authentication service alias empty. For example, given an authentication service with the alias XYZ ("login with XYZ" alias option) and an application name XYZMyOps, the application alias was being changed from XYZMyOps to appMyOps after logoff. As a result, a blue screen error resulted when clicking on button "login with XYZ" again because it redirected to appMyOps, which didn't exist. This has been resolved by removing authservicealias and modifying AuthServiceAliasHelper.adjustPathIfAuthServiceAliasPresent() to change the method for calculating the pathinfo to string tokenizing.

INC-156647 · Issue 626292

Improved disconnected requestor cleanup for FieldService

Resolved in Pega Version 8.4.5

A large number of requestors from FieldService with the status as 'Disconnected' were accumulating and causing performance issues. This was traced to the requestors not getting passivated due to users not logging out and new requestors being created for the same users next time, and was caused by the value of the DSS Initialization/PersistRequestor being set as "OnTimeout". When the DSS prconfig/timeout/browser/default is not configured, the default browser requestor timeout is 60 minutes. In this scenario, requestors were not passivating as the requestor passivation timeout was set to the refresh token lifetime for mobile users, which was very large and overwrote the DSS value. This has been resolved by removing the code which set the passivation timeout to the OAuth2 refresh token lifetime.

INC-158720 · Issue 633990

Handling added for obfuscation stale requestor error

Resolved in Pega Version 8.4.5

When an environment was configured with URL encryption (initialization/UREncryption) set to true and the Authentication Service OPENID had a POST authentication activity which set pyAuthenticationPolicyResult to false, a blue screen error was seen with the exception "Obfuscation cannot be performed with a null or blank key". This was traced to the system trying to fetch the secureFeaturesForURLTampering property from staleRequestorrequestor object when the object had already been destroyed. This has been resolved by adding additional handling for the staleRequestorError.

INC-161260 · Issue 634050

Enhanced logging for CBAC policies

Resolved in Pega Version 8.4.5

Additional logs have been added to assist in easier debugging of any configuration issues with CBAC policies.

INC-163226 · Issue 632964

Alert resolved for query parameter in non-standard format

Resolved in Pega Version 8.4.5

A failure status occurred during refresh of an optimized grid section. Investigation showed this was caused by a parameterized datapage being used as a source for a section that passed a query parameter in a non-standard format. There was no functional impact, and the alert has been resolved by setting the system to call StreamParameter extraction only if the rejectTamperedRequests DSS is explicitly set to true.

INC-169186 · Issue 655539

Disconnect button availability extended

Resolved in Pega Version 8.4.5

A case was not refreshing when the disconnect button was selected while using the standard section for authorization grant type authentication. This was traced to a query executed to find a div with attribute pzInsHandle, but that attribute was not applicable in the user portal. To support this use, the query has been extended to be applicable for user portal (attribute data-ui-meta) and Dev Studio landing page.

INC-170423 · Issue 648982

Added catch for SAML WebSSO duplicate key exception

Resolved in Pega Version 8.4.5

After logging in from SSO, closing the Pega window and opening it again resulted in the error "Unable to process the SAML WebSSO request : Violation of PRIMARY KEY constraint. Cannot insert duplicate key in object." This has been resolved by updating the session index handling and adding a catch for the duplicate key exception.

INC-171838 · Issue 651438

Added mail/telephone link to allowed CSP child frame

Resolved in Pega Version 8.4.5

After upgrade from v8.3 to v8.5, clicking on the mail / telephone link in the out of the box case participants gadget generated the Content Security Policy error "This content is blocked. Contact the site owner to fix the issue." Examination of the browser dev-tools console indicated the object refused to frame because it violated the Content Security Policy directive: "frame-src *". This behavior was specific to the Google Chrome browser, and has been resolved by adding code so the mailto: and tel: will be added to the frame-src when Data is selected under Child Frame-Source option. Unchecking the Data checkbox for Child Frame-Source on the policy landing page will remove these from allowed actions under CSP.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us