No, that will not work.
The 1st policy which matches a packet is used, and no later policy will be checked.
The checks to match a packet are source IP, dest IP, protocol & dest port.
So only the 1st incoming HTTP policy would be checked.
Also, the connection rate limit is not per user - it is total connections per second for the policy.
From the docs:
"To improve network security, you can create a limit on a policy so that it only filters a specified number of connections per second. If additional connections are attempted, the traffic is denied and a log message is generated."