Hello j2-users, i cannot found a solution to set security constraint on portlet level. Security constraint can be set for page level. <security-constraints> <security-constraint> <roles>member</roles> <permissions>view</permissions> </security-constraint> <security-constraint> <roles>manager</roles> <permissions>edit</permissions> </security-constraint> </security-constraints> For a member the portlets will be in the view mode only. User with the role manager can change to the editmode the displayed portlets. I found the following description in the book "Portlets and Apache Portals": > Constraints work with principals (role, user, and group) and permissions. Permissions are actions > provided by the portal implementation. Jetspeed-2 follows the portlet specification, providing > permissions to mirror the default portlet modes: view, edit, and help. The constraint shown in > Listing 12.10 constrains access to the default page for members by granting the view permission > to users with the role member, and granting the edit permission to users with the role manager. > Similarly, constraints can also be applied to pages and portlets.
__constraints can also be applied to pages and portlets__ How do I can set a security constraint to a portlet? The user should be able to add, view and configure portlets with an associated role only! Anyone an idea?
