Why are my rules not matching? According to the do...
# talk-oathkeeperb
brash-cartoon-33648
09/23/2022, 1:43 PMWhy are my rules not matching? According to the docs I think this should work
Copy code
{
"audience": "application",
"error": {
"debug": "",
"message": "Requested url does not match any rules",
"reason": "",
"status": "Not Found",
"status_code": 404
},
"granted": false,
"http_host": "oathkeeper-api.auth.svc:4456",
"http_method": "GET",
"http_url": "<https://pgweb.talos.example.nl/>",
"http_user_agent": "Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0",
"level": "warning",
"msg": "Access request denied",
"service_name": "ORY Oathkeeper",
"service_version": "v0.39.0",
"time": "2022-09-23T13:41:40Z"
} Copy code
apiVersion: <http://oathkeeper.ory.sh/v1alpha1|oathkeeper.ory.sh/v1alpha1>
kind: Rule
metadata:
name: pgweb-oath-rule
namespace: auth
spec:
authenticators:
- handler: cookie_session
authorizer:
handler: allow
mutators:
- handler: noop
match:
url: <https|http>://pgweb.talos.example.nl/<.*>
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD"]r
red-machine-69654
09/23/2022, 4:08 PMyou have a
<red-machine-69654
09/23/2022, 4:08 PMoops, nm
red-machine-69654
09/23/2022, 4:09 PMprobably this:
red-machine-69654
09/23/2022, 4:10 PMI seem to use a different pattern to match:
Copy code
<{https,http}>://pgweb.talos.example.nl<{/,**}>red-machine-69654
09/23/2022, 4:11 PMforgot where, but i think i use glob
red-machine-69654
09/23/2022, 4:11 PMyes, in `config.yml`:
Copy code
access_rules:
matching_strategy: globb
brash-cartoon-33648
09/23/2022, 7:44 PMTurns out my rules were not getting loaded 😕
brash-cartoon-33648
09/23/2022, 7:45 PMWas using a custom config and somehow the rules didn't end up loading
r
red-machine-69654
09/23/2022, 8:46 PMYay fixed 😄
b
brash-cartoon-33648
09/23/2022, 8:51 PMThanks for the help :)
r
red-machine-69654
09/25/2022, 7:42 AMAll you, I didn’t do much.
red-machine-69654
09/25/2022, 7:43 AMrubber duck
32 Views