4 Replies Latest reply on Jul 29, 2008 2:37 PM by sasa_srb

    Portlet security constraint tab ignored completely

    btbala

      I'm using JBoss portal version 2.4 and have an issue with the portlet security configuration. For some reason, the security-constraint tag that I have defined in the portlet-instance.xml is being completely ignored. The security configuration for the page in the *-object.xml is :

      <security-constraint>
      <policy-permission>

      <action-name>view</action-name>
      </policy-permission>
      </security-constraint>

      The security configuration for the portlet in the portlet-instance.xml is :

      <security-constraint>
      <policy-permission>
      <role-name>admin</role-name>
      <action-name>view</action-name>
      </policy-permission>
      </security-constraint>

      The above configuration is being ignored and the portlet is always accessible to everyone. Any ideas?