<authorizationPolicy id="app">

	<!-- Defined application roles -->
	
	<role id="DocumentAuthor" type="windows" windowsGroupName="BUILTIN\Users"/>
	
	<!-- Application states (mostly one 'default' state at the application level) -->
	
	<state id="Default" />
	
	<!-- Defined actions -->
	
	<action id="CreateDocument" />
		
	<!-- Action authorization rules for the DocumentAuthor role -->

	<actionRule action="CreateDocument" role="DocumentAuthor" />
	
</authorizationPolicy>

