If you want to restrict the access to a portlet to the Admin role, you have to modify your portlet-instances.xml and change the action-name to "view". This will hide the portlet to all user who don't have the Admin role. You don't have to make it programmatically.
I did the same. But its not working. In portlet-insatances.xml made the entry you suggested.
Do I need to disable viewrecursive action for the default portal?
hi i got the same, it depends on the father permission.
by default "vierecursive" is enabled to everyone, i had to change in view for any role and then i had the behaviour like you want
You don't need to remove the "viewRecursive" action for the default portal. You can add this attribute into the portlet-instances.xml :
... <deployment> <if-exists>overwrite</if-exists> <instance> ... </instance> </deployment> ....
Thanks for your solution. My portlet got secured. This is what I did in my portlet-instances.xml:
What if I want to make the page secured? What entries do I need to make?
When I put security constraints in *-object.xml in admin portlet I can see tha page has view permissions for Admin role. However when I open the page it is accessible to everyone. Evene <if exists>overwrite<...> not working
Please provide some pointers.