Maurizio Pedraglio wrote:
Hi,
when my users click on "edit mode" in layout page in order to add a
portlet in their page, they are able to see all portlet for all running
application (i.e. app: j2-admin - portlet: user management).
Sounds like your user has the admin role
They should not be able to view Admin portlets without the admin role
This is what I want: I deploy applicaton.war which contains PortletA,
PortletB and PortletC. A logged-in user can should add *only*
PortletA,B,C in his pages. May be I've to rewrite CustomizerPortlet.java?
Recommend adding security permissions for those portlets
You can edit security permissions from an Administrative portlet (if you
are working from SVN head)
You will need a portlet permission like:
Permission Type: PortletPermission
Resource: MyPortletApp::*
Actions: view
Role: whatever role you want to require
The customizer will only display portlets that are viewable by the
current user
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
