Rally - Unable to login via SSO in Chrome version 80

Article Id: 143878

Status: Published

Updated On: 16-04-2020 07:11

Products:

CA Agile Central On Premise (Rally) , CA Agile Central SaaS (Rally) , CA Agile Central On Premise (Rally)

Issue/Introduction:

A user attempting to login to Rally via Single Sign-On (SSO) is unable to login (user gets "processing request" message and nothing happens). This started happening after updating to Chrome version 80 (after Tue, Feb 4, 2020)

Cause:

As of 2020-02-04, Google plans to roll out Chrome version 80. One of version 80’s changes will be to change the default SameSite value for cookies that do not explicitly set that flag. Instead of the current value of “None”, SameSite will then default to “Lax”, which will prevent those cookies from being shared with third party sites. Details

Environment:

Rally; Agile Central; SSO

Resolution:

If a user is unable to login to Rally via SSO and is using Chrome version 80, the following mitigations may be possible:

For centrally managed Chrome deployments:
Set the policy “LegacySameSiteCookieBehaviorEnabled”, as described here

For individually managed Chrome instances:
Manually disable the “same-site-by-default-cookies” flag via chrome://flags