Thanks for your response.
I thought about something like you mentioned, but one problem would be that this is way would not be secure.
Because there is not way i could check on the server side, if the user changed the definition query client side.
So the user could manipulate the query or remove it and see areas wich he has no rights for.
Could i implement server side code in Portal, if I had a standalone version?
So that i can check on every user request, wich user sends the request and than check if the parameters are valid?
Thanks,
Sebastian