Policy Templates

Bradley Beddoes
Andre Zitelli
Shaun Mangelsdorf

Applicable Versions
Beta 2


This page lists simple templates for Rules which may be included in policies.


Allow access for all authenticated users

<Rule Effect="Permit" RuleId="spep-rule-0">
  This rule causes all resources to be permitted by default for all users, internal and external that are matched by the policy.

Deny access for all users who are considered to be external

<Rule Effect="Deny" RuleId="spep-rule-0">
    <Description>This rule causes all users who authenticated via an external protocol (shibboleth or openID) to be denied access to content</Description>
    <Apply FunctionId="string-equal">
            <SubjectAttributeDesignator AttributeId="esoe-externalised-identity" />


We welcome your rule submissions for inclusion on this page.