Reproduced in 6.1.x rev. 121842 and Trunk rev. 121842
Steps to reproduce:
1. Add layout.show.portlet.access.denied=false to portal-ext.properties to disable portlets from view when "view" permissions are removed for users.
2. Create a new site "Test."
3. Add a public page and a private page.
4. On the public and private page add web content display and content. Leave all permissions as is.
5. Create a new user "User" and make him a member of "Test."
6. Sign in as new user and view both the public and private pages for "Test." This user is able to view the web content.
7. As admin, remove view permissions for "guest" and "site member" from the web content display portlets on both public and private pages.
8. As "User" log back in to site "Test." On the public page, the web content display portlet is no longer viewable.
On the private page, "User" is still able to see the portlet and the content.
It is expected that the portlet on both public and private pages should not be viewable since view permissions were removed.