We have a grpc mixer adapter that invokes our local Authorization Policy manager for AuthZ. I’ve deployed the adapater, handler, instance and the rule.
But I still can invoke the end-point for an user who does not have necessary permissions.
Now how can I debug whether my call is routed to the adapter for making the decision. Which logs should I be looking at ?
Can someone pls help
This is how the rule looks -
#rule to dispatch to our handler, for local test, so just set the match to true
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: opss-rule
namespace: istio-system
spec:
match: match(destination.service.host, "*.test-sales.svc.cluster.local")
actions:
- handler: opss-handler.istio-system
instances:
- opss-instance