I found the answer to this, eventhough this just satisfied part of my problem.
To render the tabs/pages and/or portlets based on user's roles,
1. In *-object.xml
1.1 Under the security-constraint tag, list all possible usernames who can
access to this portal
| <security-constraint>
| <policy-permission>
| <role-name>User</role-name>
| <action-name>view</action-name>
| </policy-permission>
| <policy-permission>
| <role-name>Admin</role-name>
| <action-name>view</action-name>
| </policy-permission>
| </security-constraint>
|
1.2 Then, under each tag, you should list the name of the users who can
view this page
| <security-constraint>
| <policy-permission>
| <role-name>Admin</role-name>
| <action-name>view</action-name>
| </policy-permission>
| </security-constraint>
|
The Admin username above can view all of the portlets defined for this page.
2. To restrict which portlets should be seen by this Admin user, in the
portal-instances.xml, do the same security as above for each portlet instance
| <deployment>
| <instance>
| <instance-id>HelloWorldPortletInstance</instance-id>
| <portlet-ref>HelloWorldPortlet</portlet-ref>
|
| <security-constraint>
| <policy-permission>
| <role-name>Admin</role-name>
| <action-name>view</action-name>
| </policy-permission>
| </security-constraint>
| </instance>
| </deployment>
|
With the codes above, the Admin user when he logs in that page, if there are
more than one portlet besides the HelloWorldPortlet, he only sees the
HelloWorldPortlet.
Hope this will help others who are looking for the same answer
SGM
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4086707#4086707
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4086707
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
