Hi Matthieu, Thanks for your solution. My portlet got secured. This is what I did in my portlet-instances.xml: <if-exists>overwrite</if-exists> <instance-id>AJAXSearchViewerPortletInstance</instance-id> <portlet-ref>AJAXSearchViewerPortlet</portlet-ref> <security-constraint> <policy-permission> <role-name>Admin</role-name> <action-name>view</action-name> </policy-permission> </security-constraint> What if I want to make the page secured? What entries do I need to make? Thanks, Shakti View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4137376#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...