"thomas.heute(a)jboss.com" wrote : So you just need to set: | - view (not recursive) right on the portal for anybody | - viewrecursive for 'authenticated" on your page | Dear Thomas, This works, but the usual configuration for our portal would be *) allow all users read access to the pages, where no security-constraints are defined (=default configuration of Jboss Portal) *) if page-level security-constraints are set, these should really secure the page On the portlet-instance level, this works perfectly and as expected. However, why does this not work the same way for portlet pages? I just tested this for Jboss Portal 2.6.4, and the behaviour has not changed. Thank you very much for your response & best regards, Johannes View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4137412#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...