Policy Templates

Authors
Bradley Beddoes
Andre Zitelli
Shaun Mangelsdorf

Applicable Versions
Beta 2

Overview

This page lists simple templates for Rules which may be included in policies.

Templates

Allow access for all authenticated users

<Rule Effect="Permit" RuleId="spep-rule-0">
  <Description>
  This rule causes all resources to be permitted by default for all users, internal and external that are matched by the policy.
  </Description>
</Rule>

Deny access for all users who are considered to be external

<Rule Effect="Deny" RuleId="spep-rule-0">
    <Description>This rule causes all users who authenticated via an external protocol (shibboleth or openID) to be denied access to content</Description>
    <Condition>
    <Apply FunctionId="string-equal">
            <SubjectAttributeDesignator AttributeId="esoe-externalised-identity" />
        <AttributeValue>true</AttributeValue>
    </Apply>
    </Condition>
  </Rule>

Submissions

We welcome your rule submissions for inclusion on this page.