We're trying to implement Ping SSO (currently hybrid, planning for SSO-only with exceptions) and have encountered a problem that I can't imagine is unique. The scenario is this:
- Log in to Rally (on or off the organization's network domain) using SSO from (for example) http://rally.domain.com
- Browse to a work item and copy its URL- which will start with https://rally1.rallydev.com
- Close your browser session and open a new one
- Paste the URL and you get prompted for Rally sign in, not SSO
Should we expect the same result when we toggle to SSO-only with exceptions? There are many scenarios where we expect to encounter "native" Rally URLs (e.g. watch and notification emails) and we can't capture and rewrite if the user happens not to be logged on to the domain. Thanks in advance!