1) Create a second Policy (e.g "UnAuthorized_Policy)
2) Create a Rule within the 'Unauthorized_Policy' (e.g. UnAuthorized_Rule)
Resource: Same as ALLOW Rule
Action: Authorization Events: OnAccessReject
3) Create a Response (e.g. UnAuthorized_Response)
Attribute Type: WebAgent-Onreject-Redirect OR WebAgent-OnReject-Text
Attribute Kind: Static
Variable Value: path to Redirtect Page or Text (Depending on which Attribute type you choose)
4) Configure the Policy for ALL USERS in the user directory
5) Tie the UnAuthorized_Rule and UnAuthorized_Repsonse to the UnAuthorized_Policy
I would suggest creating an UnAuthorized web page and placing it in an unprotected directory and redirecting the user to that page.
Users who are authorized to access the resource will be redirected to the resource. User who are authenticated, but not authorized to access the resource will be redirected to the unauthorized page or presented the Text, depending on which you chose.
This should allow you to achieve your use case.