Condividi su Facebook

Practical guide to Rally query syntax and SSO setup with SAML

A concise guide to writing robust Rally queries and implementing SAML-based single sign-on for secure user authentication

practical guide to rally query syntax and sso setup with saml 1771922841

Audience
This guide is for Rally workspace administrators, project leads, IdP teams, and IT/ops staff who set up subscriptions, shape access rules, and run SSO rollouts.

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.

Quick takeaways
– Queries are case-sensitive and often require child properties (for example, Tags.Name).
– For automation, use stable identifiers (OIDs). Human-readable names are fine for ad-hoc use but can break if someone renames things.
– Test SSO end-to-end in a staging workspace, keep emergency admin accounts available, and document attribute mappings.
– Treat identity attributes as personal data: only send what you need in assertions, log metadata exchanges, and track certificate lifecycles.

How Rally query syntax works — practical primer
– Look and feel: Query expressions are SQL-like and filter on attributes such as ScheduleState, Owner, Iteration, custom fields, and so on.
– Case sensitivity: Literal values are case-sensitive. If a Rally username is stored as “[email protected]” you must match that exact string.
– Child properties: Many fields are objects — use the child property on the left side of the operator (e.g., Tags.Name, Owner.EmailAddress).
– Project scope: Queries only return items in projects the querying user can access; permissions affect results.
– Use OIDs for stability: Iteration.OID or Release.OID remain stable even when teams rename iterations or releases.

Copyable query snippets
– Stories in Progress: (ScheduleState = “In-Progress”)
– Exact owner by email: (Owner.EmailAddress = “[email protected]”)
– Specific iteration by name: (Iteration.Name = “Sprint 14”)
– Match tag name: (Tags.Name = “backend”)
– No estimate and in Defined state: ((PlanEstimate = null) AND (ScheduleState = “Defined”))
– Substring search in title: (Name contains “Technical Debt”)
– Immutable iteration reference: (Iteration.OID = “6082450599”)

Combining conditions — common pitfalls and patterns
– Parentheses matter: Group clauses explicitly. For clarity and predictability, prefer ((A AND B) AND C) rather than chaining without groups.
– Null vs empty: Null is different from an empty string. To match records that don’t contain “blue” or have no notes, use: ((Notes !contains “blue”) OR (Notes = null)).
– !contains only applies when the field exists: Add an explicit null check as above to avoid surprising misses.
– Avoid unsupported field-to-field comparisons: Expressions like (AcceptedDate < InProgressDate) are usually unsupported. Use literals or approved variables (for example, today).
– Verify property names: Mistyping Tags.Name or Parent.FormattedID returns errors or empty result sets — double-check names against your workspace schema.
– Stability tradeoff: Iteration.Name is readable but fragile; Iteration.OID is reliable for automation and long-lived queries.

Performance and operational notes
– Substring searches (contains) are useful but slower; reserve them for ad-hoc or broad investigations.
– Favor index-friendly filters (exact matches on indexed fields or OIDs) for speed and predictable results.
– Maintain a regression test suite of queries and expected outputs to catch problems when the schema or workflows change.

Key fields to rely on
– ScheduleState (Defined, In-Progress, Completed, Accepted)
– State (defects)
– PlanEstimate, TaskEstimateTotal, TaskRemainingTotal (capacity and burn analysis)
– Iteration and Release (use OIDs for automation)
– Owner.EmailAddress or Owner.UserName (identity-based filters)
– Tags.Name (tag filters)
– Parent.FormattedID and PortfolioItem (parent/portfolio relationships)

SSO with SAML — roles and reasons
– Who: Rally workspace admins, IdP administrators, and Rally Support all have parts to play.
– What: Configure SAML 2.0 to centralize authentication and reduce password-related support overhead.
– Where: Changes happen in your IdP console and in Rally’s admin/SUPPORT workflow.
– Why: Properly implemented SSO simplifies user management, improves auditing, and can strengthen security — but only if you plan, test, and document carefully.

Practical SSO rollout checklist
1) Verify eligibility and inventory – Confirm your subscription supports SAML SSO (sandbox/trial/free tiers may not). – Export user lists, roles, and admin accounts for each affected workspace.

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.0

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.1

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.2

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.3

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.4

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.5

Overview
Rally’s Query field and SAML single sign-on are powerful, but they reward careful setup and testing. Below you’ll find copy-ready query patterns, practical explanations of tricky behaviors, performance tips, and a hands-on SSO rollout checklist. I’ve also called out the compliance and operational risks you should test for and mitigate before you flip the switch.6

Scritto da Staff

Complete summer semester 2026 schedule and important academic dates