"veyron2/services/security": More informative authorizqation errors
Common authorization errors that we encounter today are
"policy disallows []"
"[] does not match ACL"
Both of these are very hard to debug as it is unclear whether
credentials failed to validate (i.e, have failed caveats) or
the client's credentials are not set properly. This CL tries
to make the error more informative by dumping both the blessings
that the client sent and the ones that were successfully validated
at the server's end.
Change-Id: Ibc2c8ae74758680bc097f947b59e108226baa42d
1 file changed
