diff --git a/sample_archive/access/allow_all.aclj b/sample_archive/access/allow_all.aclj
new file mode 100644
index 00000000..1e93abe4
--- /dev/null
+++ b/sample_archive/access/allow_all.aclj
@@ -0,0 +1 @@
+*, - {"access": "allow", "user": "staff"}
diff --git a/tests/config_test_access.yaml b/tests/config_test_access.yaml
index 8fb352f7..332d5a74 100644
--- a/tests/config_test_access.yaml
+++ b/tests/config_test_access.yaml
@@ -62,6 +62,13 @@ collections:
         acl_paths:
             - ./sample_archive/access/pywb.aclj
 
+    pywb-wildcard-surt:
+        index_paths: ./sample_archive/cdx/
+        archive_paths: ./sample_archive/warcs/
+        default_access: block
+        acl_paths:
+            - ./sample_archive/access/allow_all.aclj
+
 
 
 
diff --git a/tests/test_acl.py b/tests/test_acl.py
index ea7655aa..4e94962c 100644
--- a/tests/test_acl.py
+++ b/tests/test_acl.py
@@ -96,5 +96,9 @@ def test_allowed_different_coll_acl_dir(self):
 
         assert '"http://httpbin.org/anything/resource.json"' in resp.text
 
+    def test_allow_all_acl_user_specific(self):
+        resp = self.testapp.get('/pywb-wildcard-surt/mp_/http://example.com/', status=451)
 
+        assert 'Access Blocked' in resp.text
 
+        resp = self.testapp.get('/pywb-wildcard-surt/mp_/http://example.com/', headers={"X-Pywb-Acl-User": "staff"}, status=200)