Links in emails cause the user to log in each time

book

Article ID: 140344

calendar_today

Updated On:

Products

CA Agile Central SaaS (Rally)

Issue/Introduction

When receiving emails from Rally, sometimes the user must log in again in order to see the work item, even though that user already has an active session in Rally.

Cause

This is often caused by an email scanning subscription service that is rewriting the URL for security purposes.  The rewritten link is actually being routed through the third party service and traffic is then scanned for security purposes.  Therefore, this is considered a new session since it is with the third party scanning service instead.


Normally, a link to a work item in Rally would appear as follows:

https://rally1.rallydev.com/slm/#/detail/defect/338775510776


However when an email scanning service rewrites the URL it may actually appear as follows:

https://isolate.menlosecurity.com/https://rally1.rallydev.com/slm/#/detail/defect/338775510776


In this case, the user is being sent first to https://isolate.menlosecurity.com, and not Rally.  So the third party site is intercepting the request and since this is seen as a separate session from the currently active session, it causes the user to need to reauthenticate.

Environment

Release : SAAS

Component : AGILE CENTRAL

Resolution

Configure the scanning service to whitelist emails coming from Rally so they are not rewritten.