Rally - Unable to login via SSO in Chrome version 80

book

Article ID: 143878

calendar_today

Updated On:

Products

CA Agile Central On Premise (Rally)

Issue/Introduction

A user attempting to login to Rally via Single Sign-On (SSO) is unable to login (user gets "processing request" message and nothing happens). This started happening after updating to Chrome version 80 (after Tue, Feb 4, 2020)

Cause

As of 2020-02-04, Google plans to roll out Chrome version 80. One of version 80’s changes will be to change the default SameSite value for cookies that do not explicitly set that flag. Instead of the current value of “None”, SameSite will then default to “Lax”, which will prevent those cookies from being shared with third party sites. Details

Environment

Rally; Agile Central; SSO

Resolution

If a user is unable to login to Rally via SSO and is using Chrome version 80, the following mitigations may be possible:

  • For centrally managed Chrome deployments:
    Set the policy “LegacySameSiteCookieBehaviorEnabled”, as described here
  • For individually managed Chrome instances:
    Manually disable the “same-site-by-default-cookies” flag via chrome://flags



Attachments