diff --git a/spec/actionpolicy/actionpolicy_spec.rb b/spec/actionpolicy/actionpolicy_spec.rb
index 1de72db..1e22aba 100644
--- a/spec/actionpolicy/actionpolicy_spec.rb
+++ b/spec/actionpolicy/actionpolicy_spec.rb
@@ -343,6 +343,20 @@ module MCollective
 end
+
+ it 'should parse example16 correctly' do
+ # match uid in the list
+ request.stubs(:caller).returns('uid=600')
+ actionpolicy = ActionPolicy.new(request)
+ actionpolicy.parse_policy_file(File.join(@fixtures_dir, 'example16')).should be_true
+
+ # match uid not in the list
+ request.stubs(:caller).returns('uid=800')
+ actionpolicy = ActionPolicy.new(request)
+ expect{
+ actionpolicy.parse_policy_file(File.join(@fixtures_dir, 'example16'))
+ }.to raise_error RPCAborted
+ end
 end
 describe '#check_policy' do
diff --git a/spec/actionpolicy/fixtures/example16 b/spec/actionpolicy/fixtures/example16
new file mode 100644
index 0000000..a525846
--- /dev/null
+++ b/spec/actionpolicy/fixtures/example16
@@ -0,0 +1,3 @@
+policy default deny
+allow uid=500 uid=600 uid=700 * * *
+
diff --git a/util/actionpolicy.rb b/util/actionpolicy.rb
index 903595c..284d8d9 100644
--- a/util/actionpolicy.rb
+++ b/util/actionpolicy.rb
@@ -67,7 +67,7 @@ module MCollective
 def check_policy(rpccaller, actions, facts, classes)
 # If we have a wildcard caller or the caller matches our policy line
 # then continue else skip this policy line\
- if (rpccaller != '*') && (rpccaller != @caller)
+ if (rpccaller != '*') && (! rpccaller || ! rpccaller.split.include?(@caller))
 return false
 end
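Review bot: The new example16 spec only checks a listed uid and a clearly different one, so it would still pass if the list check were later loosened to a substring match. Because this is an authorization decision, add a near-miss caller such as `request.stubs(:caller).returns('uid=50')` (and a longer one like `uid=5000`) with the same `raise_error RPCAborted` expectation. It is also worth covering the first and last entries, `uid=500` and `uid=700`, on the allow side. The enclosing describe block starts before the hunk.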
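Review bot: The comment above the changed `if` in check_policy still says the caller "matches our policy line", but the field is now a whitespace-separated list matched token by token, and `*` is honoured only when it is the entire field. I would document that, e.g. `# rpccaller is '*' or a whitespace-separated list of caller ids; a '*' inside a list is not a wildcard`, so policy authors do not expect `uid=500 *` to allow everyone. The condition also reads more easily as a guard: `return false unless rpccaller == '*' || rpccaller.to_s.split.include?(@caller)`, which keeps the nil case failing closed. The body of check_policy continues outside the hunk.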