Hi, I am using jboss-portal-2.6-BETA1. Basically i want that user which is not having a role of admin is not able to add some default portlets like CMSportlet,role portlets to his dashboard so I try to set security for individual portlet instances so i login as admin and goto management portlet. After selecting security link for proper portlet instance a window opens which has checkboxes for user roles but after selecting proper checkbox there is no update button so the changes i made were lost. eg: I want to change the security of CMSportletInstance so that user (except admin role) can not be able to view or add CMSportletInstance in his dashboard. I also try to put <security-constraint> <policy-permission> <role-name>Admin</role-name> <action-name>view</action-name> </policy-permission> </security-constraint> for CMSportletInstance in portlet-instances.xml located at jboss-portal.sar\portal-core.war\WEB-INF which creates instances of these portlets. But it wont work. Any suggections !!! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4039781#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...