hi please read this document you can find solution...
the Portal Portlet Packaging Tool adds a security filter to a portlet application’s web.xml file. This filter allows direct requests to static files, such as images, but it blocks all requests to
servlets and JSPs that are not proxied through Portal, thereby ensuring that the Portal authentication and authorization mechanisms protect all application resources. As a result, a Portal user is forbidden to access a portlet application directly. Hwoever, we need to make direct requests to the FileExplorerServlet. To enable access we will remove the Portal security filter (named PortletApplicationSecurityFilter) and the mapping. Delete or comment the following lines:
1.<filter>
2. <filter-name>PortletApplicationSecurityFilter</filter-name>
3. <filter-class>com.vignette.portal.portlet.jsrcontainer.PortletApplicationSecurityFilter</filter-class>
4.</filter>
5.<filter-mapping>
6. <filter-name>PortletApplicationSecurityFilter</filter-name>
7. <url-pattern>/*</url-pattern>
8.</filter-mapping>
Once you complete the deployment, start the VAP server. Login to the Server console (
http://localhost:8080/portal/console).
please refers at last lines:
http://www.ajaxprojects.com/ajax/tutorialdetails.php?itemid=746
Thanks & Regards
raju.k