This policy will deny access to all API-A methods to a particular user based on login id (as registered in the tomcat-users.xml file). urn:fedora:names:fedora:2.1:action:api-a sdp