Visitor entitlements in a admin extension

Hi,
i want to extend my portal administration console.
Is there a way to get a list of all visitor entitlements?
Thanks!
Markus

look at RolePolicyManager
e.g.
import com.bea.p13n.management.ApplicationHelper;
import com.bea.p13n.entitlements.common.EntitlementConstants;
import com.bea.p13n.entitlements.management.RolePolicyManager;
String entAppName=ApplicationHelper.getApplicationName();
String webAppName = ApplicationHelper.getWebAppName(request);
String[] policies = RolePolicyManager.listRolesForResource(entAppName, webAppName, EntitlementConstants.P13N_ROLE_POLICY_POOL);

Similar Messages

  • Get all visitor roles in an admin extension

    Hi,
    i want to extend my portal administration console.
    It is possible to get a list of all visitor roles in my extension?
    Markus

    look at RolePolicyManager
    e.g.
    import com.bea.p13n.management.ApplicationHelper;
    import com.bea.p13n.entitlements.common.EntitlementConstants;
    import com.bea.p13n.entitlements.management.RolePolicyManager;
    String entAppName=ApplicationHelper.getApplicationName();
    String webAppName = ApplicationHelper.getWebAppName(request);
    String[] policies = RolePolicyManager.listRolesForResource(entAppName, webAppName, EntitlementConstants.P13N_ROLE_POLICY_POOL);

  • Weblogic 10.3.2 - Visitor entitlements role issue

    1)I am upgrading my weblogic portal application from Weblogic 8.1SP4 to Weblogic 10.3.2 version. I found that roles that created under visitor entitlements thru weblogic portal administration portal are not visible to assigned user.For example I created testRole for my application and added user testuser to this user.When I login to my portal application this user should able to see the portal page that related to testRole.But currently this is not working.
    To fix the above issue I created one new group under User and groups management and added the above user to that group and added that group to testRole. Now the user is able to see the portal pages
    My question is why the user is not able to access the roles when he is not part of any group.Because My portal application have different business users with different entitlement setups which I cannot categorize under groups.
    The above functionality is working fine in Weblogic8.1SP4 production environment.
    Regards,
    Satya

    I think the rolemappings in the application are mapped to groups.
    The rolemappings are defined through deployment overrides, such as for example, weblogic.xml (which is located in the WEB-INF/lib directory of a WAR file).
    An example of such a role mapping is the following:
    <weblogic-web-app ...>
         <security-role-assignment>
              <role-name>EMPLOYEE</role-name>
              <principal-name>employees</principal-name>
         </security-role-assignment>
         <security-role-assignment>
              <role-name>MANAGER</role-name>
              <principal-name>managers</principal-name>
         </security-role-assignment>
    </weblogic-web-app>The role-name(s) are set in the web.xml of the application, through a security constraint. The principle names are the user or group names
    configured in the admin console.
    When you edit the weblogic.xml to included a security role assignment and add role-name - principle-name mapping, for example
    <security-role-assignment>
         <role-name>visitor</role-name>
         <principal-name>testuser</principal-name>
    </security-role-assignment>now the testuser has visitor rights.

  • Are Visitor Entitlement Roles == Scoped Roles

    I'm working on the security implementation for a WebLogic 8.1 Portal application.
    I've been doing some prototyping and am trying to determine where Visitor Entitlement
    roles are stored. Are these implemented as scoped roles from a WL platform viewpoint.
    I created two test roles for my portal and do not see any scoped roles under
    the application or the portal node in the WebLogic console.
    I'm trying to determine if these portal entitlement roles are/can be treated as
    weblogic platform roles and can be used in security annotations for an EJB or
    Java Control, and if they can be used for IsCallerInRole. I can create a security
    policy to protect the portal resource, but I'm looking for a way to apply the
    corresponding security in the business layer.
    Thanks in advance for any advice.
    Jim

    Jim,
    The WLP roles are stored in the default role mapper provider. They are
    scoped roles, but only attachable to WLP resources (pages, portlets, etc.)
    and cannot be used to protect J2EE resources. The basic reason for this
    is because WLP roles can include custom predicates (date/time/profile
    attributes) that rely on layered product classes that the base application
    server is unaware of and cannot edit using the WLS console.
    In Service Pack 3, the WLP admin tools will allow the converse - that is,
    you'll be able to reference/use WLS global roles in WLP policies.
    Service Pack2 adds a new tag to the auth taglib which allows you to
    do a isUserInRole check against the WLP (and WLS) roles.
    -Phil
    "Jim Maycott" <[email protected]> wrote in message
    news:[email protected]..
    >
    I'm working on the security implementation for a WebLogic 8.1 Portalapplication.
    I've been doing some prototyping and am trying to determine where VisitorEntitlement
    roles are stored. Are these implemented as scoped roles from a WLplatform viewpoint.
    I created two test roles for my portal and do not see any scoped rolesunder
    the application or the portal node in the WebLogic console.
    I'm trying to determine if these portal entitlement roles are/can betreated as
    weblogic platform roles and can be used in security annotations for an EJBor
    Java Control, and if they can be used for IsCallerInRole. I can create asecurity
    policy to protect the portal resource, but I'm looking for a way to applythe
    corresponding security in the business layer.
    Thanks in advance for any advice.
    Jim

  • Access Visitor entitlements programmatically

    Hi,
    I wonder if it is possible to access (create, manage, delete) Visitor Entitlements programmatically by a Beehive control/Helper ...
    It is possible to do this for Delegated Admin roles with the DelegationRoleManagerControl control provided by Oracle. But I didn't find an equivalent to manage the Visitor Entitlements roles.
    I'm using Weblogic Portal 10.2 (Weblogic Server 10) on a JRockit R27.6.0 1.5.0_15
    Best.
    Edited by: user11804594 on 19 août 2009 02:54

    Hi
    if you want to get the list of roles for the currently logged in user thats possible.
    If you want to get the roles for any logged in user, its possible if you know what the entitlement definition is before hand. if the entitlement is based on directly assigning users to the role or groups to the role, then its fine and can be done without needing the code to know which role is which group, it can be done programmatically.
    if you have a more complicated and or clauses in the role definitiob or do not know the entitlement definition before hand then I dont think it is.
    Which scenario applies to you?

  • Weblogic 10.3.2 visitor entitlements roles issue

    1)I am upgrading my weblogic portal application from Weblogic 8.1SP4 to Weblogic 10.3.2 version. I found that roles that created under visitor entitlements thru weblogic portal administration portal are not visible to assigned user.For example I created testRole for my application and added user testuser to this user.When I login to my portal application this user should able to see the portal page that related to testRole.But currently this is not working.
    To fix the above issue I created one new group under User and groups management and added the above user to that group and added that group to testRole. Now the user is able to see the portal pages
    My question is why the user is not able to access the roles when he is not part of any group.Because My portal application have different business users with different entitlement setups for which I cannot categorize under groups.
    The above functionality is working fine in Weblogic8.1SP4 production environment.
    Regards,
    Satya

    Hi Satya
    Post on the WebLogic forum....
    WebLogic Server - General
    Cheers
    David

  • Visitor entitlements have disappeared in Web Logic Portal console

    Hi all,
    Please help! We have an issue whereby our users no longer have permission to access parts of our web application. Upon further investigation, when looking in the Portal console under visitor entitlements, we see the following message:
    There are no visitor entitlement roles to display.
    We have checked the portal database, and can see the roles are still in there, but aren't being retrieved by the application. We can also add new roles through the console, which are persisted in the database, but these too do not show in the console.
    This had previously been working, and we are not sure what has changed.
    Please advise what further information I can provide to help resolve this!
    Kind regards,
    Mike

    Hi,
    I was able to find a white paper which discusses this topic.
    http://edocs.bea.com/wlp/docs81/whitepapers/vcr/index.html
    If this isn't helpful, please post this question to the portal newsgroup at http://newsgroups.bea.com/bea/forum.jspa?forumID=2044
    cheers
    Raj

  • Creating new Domain by Copying the existing domain

    Hi,
    Is there any way to create a new domain by copying the already existing domain directory and pasting it to another directory in same machine or different machine.
    Can anyone suggest me the configuration file that needs to be updated for new domain name.
    Thanks
    Harish
    Edited by: user10833531 on Dec 2, 2009 7:52 AM

    When you mention "Before posting on forum I have tried this option. I tried again but no luck." do you mean you tried pack/unpack or template approach and this did not work. Or did you just copied domain folder and renamed and start the new domain and you got errors. Copying domain may not work 100% (not in the long run). But pack/unpack or template approach should work pretty much without any errors.
    As mentioned, I would recommend template approach or pack/unpack. You can provide the internal details and risk factors involved with hard disk copy of domain folder and renaming approach to the client. If domain copy approach works, then bea/oracle would not have come up with approaches like pack/unpack or template approach at all in the very first place. Copying domain folder and renaming may still work, unless you do all regression testing that includes cluster scenario also and all usecases.
    I would still recommend for pack/unpack or template approach to copy any existing domains.
    Just incase if your domain is like Portal Domain and if you deploy portal applications on this domain, then copying domain will just not work. Every domain is very tightly coupled with ldap files and db tables for any Security Visitor Entitlements and Delegated Admin roles. If its pure weblogic server application, these things will not come into picture. But for Portal, we do have something called Propagation Tool to migrate portal app from one domain to other domain. But still the domain cannot be copied and renamed.
    HTH
    Ravi Jegga

  • How user can be restricted with books available on portal.

    Hi
    I have created one portal and in it there are 10 books.I have made one user X and access this portal through user X and it displays all the books.
    Now i have made another user Y and want to access same portal above but with not all the books .With this user i want that it should display say example 5 books only.
    Regards
    Paramdeep Singh

    Paramdeep,
    You can set visitor entitlements from portal admin console for any user / group / role at portal /desktop / book / page / portlet level easily.
    Once you have done that, access the portal (desktop) and login from a portlet to which everyone should have access, weblogic portal will load the rest of the layout (resources) based on this user's entitlement.
    http://download.oracle.com/docs/cd/E13155_01/wlp/docs103/security/visitor_entitlemt.html
    Hope this helps.
    Sridhar S

  • Show/Hide DVT Admin Menu Based on Entitlements

    Hi,
    We're using the DVT framework provided in Weblogic Portal 10.3.2 to create My Page functionality within our portal project. Part of the requirement is to offer limited functionality to non-admin users.
    For example:
    Portal Level Customization Menu
    - Show/Hide based on entitlements (we tried setting an entitlement of the Main page Book, and that worked, however after that we were unable to see the Customize Menu for any child Books/Pages)
    - Limit entries based on entitlements
    Book Level Customization Menu
    - Limit menu entries based on entitlements
    - Restrict the ability to rename book based on entitlements
    Page Level Customization Menu
    - Limit menu entries based on entitlements
    - Restrict the ability to rename page based on entitlements
    Portlet Level Customization Menu
    - Limit menu entries based on entitlements
    - Restrict the ability to rename portlet based on entitlements
    We've been able to eliminate DVT functionality for entire Books and Pages based on entitlements, however we can't find a way to provide limited functionality as described above.
    Any suggestions on how to accomplish this?
    Thank you.

    Sorry about the confusion. What I meant was, I tested with both setting entitlement and DA roles (separately) and found that the usecase you are describing works. BTW, you are right in that only visitor entitlement roles effect dvt functionality. I just wanted to check if setting DA roles wasn't causing some undesirable behavior.
    Back to the issue you are having, I am assuming you are talking about setting a 'view' entitlement for 'role1' on the primary book and logging in as a user that is not in 'role1' but has 'edit' rights on a child page or book of the primary book. In that case you shouldn't be able to see anything since you don't have view rights to the main book. If that is not the case, can you provide details about your setup?
    Here is what I tested and found working. Set an 'edit' entitlement for 'role1' and a 'view' entitlement for 'role2' on the primary book. When logged in as a user from 'role2' I cannot see the 'Customize' gear icon on the primary book but I can see the gears on child books, pages and portlets. I tested the usecase with non-primary books and that works too.
    Thanks

  • Admin console extension sample

    I've been trying to create a simple admin extension against WLS 10.0. I believe I've followed the proper procedure by creating a myextension.jar file and placing it into the console-ext of the domain root directory. In this jar file, I have a WEB-INF/netuix_extension.xml file that tries to place a portlet on the "page" parent. The portlet is nothing special and just has a "hello world" jsp page. I have placed the files in the directories as recommended by WLS documentation and created the jar file. However, the extension has no effect. There are no console errors to be found in either output or logs and am hoping to find some help.
    Are there some extra debug flags I can turn on to see if it's being loaded, i.e. is there any config setting I can enable to provide more insight into finding the problem?
    I've looked, but have been unable to find a working bare bones example like this. Does anyone know where I can find one for WLS 10.0
    Here are the contents of the files I used to generate the extension:
    The netuix_extension.xml look like:
    <?xml version="1.0" encoding="UTF-8"?>
    <weblogic-portal-extension
    xmlns="http://www.bea.com/servers/portal/weblogic-portal/8.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.bea.com/servers/portal/weblogic-portal/8.0 netuix-extension-1_0_0.xsd">
    <provider-info>
    <title>My Console Extension</title>
    <version>1.0</version>
    <description>My Console Extension</description>
    <author>Oracle Inc.</author>
    <last-modified>08/18/2008</last-modified>
    <support-url>http://www.bea.com</support-url>
    </provider-info>
    <portal-file>/console.portal</portal-file>
    <!-- Adds a page -->
         <page-extension>
    <page-location>
    <parent-label-location label="page"/>
    <page-insertion-point
    layout-location="1"
    placeholder-position="0"/>
    </page-location>
    <portlet-content
    content-uri="/portlets/myext.portlet"
    title="My Console Extension"
    orientation="top"
    instance-label="MyExtLabel"/>
    </page-extension>
    </weblogic-portal-extension>
    The /portlets/myext.portlet page is:
    <?xml version="1.0" encoding="UTF-8"?>
    <portal:root xmlns:html="http://www.w3.org/1999/xhtml-netuix-modified/1.0.0"
    xmlns:portal="http://www.bea.com/servers/netuix/xsd/portal/support/1.0.0"
    xmlns:netuix="http://www.bea.com/servers/netuix/xsd/controls/netuix/1.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.bea.com/servers/netuix/xsd/portal/
    support/1.0.0 portal-support-1_0_0.xsd">
    <netuix:portlet definitionLabel="MyAdminPortlet" title="wwMyAdminPortlet">
    <netuix:content>
    <netuix:jspContent contentUri="/ext_jsp/myext.jsp"/>
    </netuix:content>
    </netuix:portlet>
    </portal:root>
    the jsp page is:
    <html>
    <head>
    <title>Sample Application JSP Page</title>
    </head>
    <body>
    Sample Application JSP Page
    <%= new String("Hello!") %>
    </body>
    </html>
    Thanks

    I have successfully installed this sample on a domain configured with the MedRec tutorial, but failed on a newly created domain. Again there were no errors reported in the console or log. How does one get more debug information?

  • Entitlements don't refresh

    I'm working with Portal 8.1. I have some pages that only authenticated users are
    permitted to see. I set up the typical forms based authentication web flow.
    I have used the admin portal app to set visitor entitlement roles for these pages
    to AuthenticatedVisitor/View.
    Login is successful, but the page tabs do not update to reflect the authenticated
    entitlements on the first render. I read that you must manually redirect to invoke
    a new request. So, I changed the login action to forward to a jsp that does a
    response.redirect("/MyPortalApp"). This does not work either. The only thing
    that has worked is having the jsp do a meta http refresh. This is not an acceptable
    solution.
    It seems that you must not only redirect for a new request, but you must render
    the current request as well? Would someone shed some light on this, please?
    best regards,
    -laphroaig

    "laphroaig" <[email protected]> wrote in message
    news:[email protected]..
    >
    I'm working with Portal 8.1. I have some pages that only authenticatedusers are
    permitted to see. I set up the typical forms based authentication webflow.
    I have used the admin portal app to set visitor entitlement roles forthese pages
    to AuthenticatedVisitor/View.
    Login is successful, but the page tabs do not update to reflect theauthenticated
    entitlements on the first render. I read that you must manually redirectto invoke
    a new request. So, I changed the login action to forward to a jsp thatdoes a
    response.redirect("/MyPortalApp"). This does not work either. The onlything
    that has worked is having the jsp do a meta http refresh. This is not anacceptable
    solution.
    It seems that you must not only redirect for a new request, but you mustrender
    the current request as well? Would someone shed some light on this,please?
    You need to redirect on the login request because you want to show different
    pages to the authenticated user. This must be done before the response is
    committed (before anything is rendered). This shouldn't require a meta
    refresh,
    but a location redirect, instead, using something like:
    response.sendRedirect(request.getRequestURI());
    >
    best regards,
    -laphroaig

  • Entitlements and Desktops when transferring ear file onto new machine

    Hi all
    I am encountering a problem when i transfer and deploy my ear file onto another remote test machine. When i log into my WebLogic Administration Portal all my desktops, entitlements etc are gone. I tried to refresh using the DataSync by going to the Bootstrap page but no luck - nothing refreshed.
    The remote machine is also NOT running on Production Mode.
    Is this the way it's supposed to be- i.e do i have to create a new portal, new desktop and create the visitor entitlements roles again on the Amin Portal of my remote machine or is their a way to just refresh the Admin Portal?
    Please help cos I'm quite new to WebLogic Portal.
    Thanks lots
    Rina

    Deploying an EAR is a separate process from deploying other assets such as information in the database. Please see the documentation on the Portal Propagation Tool for information on how to move these other assets between environments.

  • Add ldap user to Delegate Admin role programmatically

    Dear all,
    I have problem with
    @Control
    private DelegationRoleManagerControl roleControl;
    roleControl.addUserToRole(EWPConstants.USER_DA_ROLE_NAME,username,ResourceContext.createResourceContext(getRequest(),false));
    I used that control to add user to delegate admin role. It is working fine on admin server.
    But after we deploy on managed server (stand-alone), we get this exception intermittently.
    15 Sep 2009 12:59:40 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] ERROR ewp.control.pageflow.login.LoginController - login():
    com.bea.p13n.entitlements.common.PolicyMgmtAccessException: Attempt to access Entitlement Policy Mgmt API by user in invalid role. Entitlement Policy operation attempted by disallowed user ["principals=[ewpwlpuser01]"].
    at com.bea.p13n.entitlements.management.internal.SecurityHelper.isWLPAdminRole(SecurityHelper.java:881)
    at com.bea.p13n.entitlements.management.internal.RolePolicyDelegate.roleExists(RolePolicyDelegate.java:387)
    at com.bea.p13n.entitlements.management.internal.RDBMSRolePolicyManager.getGlobalRoleExpression(RDBMSRolePolicyManager.java:1702)
    at com.bea.p13n.entitlements.management.internal.RDBMSRolePolicyManager.addGlobalRoleUser(RDBMSRolePolicyManager.java:1421)
    at com.bea.p13n.entitlements.management.internal.RDBMSRolePolicyManager.addGlobalRoleUser(RDBMSRolePolicyManager.java:1388)
    at com.bea.p13n.entitlements.management.RolePolicyManager.addGlobalRoleUser(RolePolicyManager.java:514)
    at com.bea.p13n.delegation.management.internal.DelegationRolePolicyDelegate.addPredicatesToGlobalDARole(DelegationRolePolicyDelegate.java:614)
    at com.bea.p13n.delegation.management.internal.DelegationRolePolicyDelegate.updateRole(DelegationRolePolicyDelegate.java:254)
    at com.bea.p13n.delegation.management.DelegationRoleManager.updateRole(DelegationRoleManager.java:431)
    at com.bea.p13n.delegation.management.DelegationRoleManager.updateRole(DelegationRoleManager.java:398)
    at com.bea.portal.tools.da.controls.DelegationRoleManagerControlImpl.addUsersToRole(DelegationRoleManagerControlImpl.java:76)
    at com.bea.portal.tools.da.controls.DelegationRoleManagerControlImpl.addUserToRole(DelegationRoleManagerControlImpl.java:223)
    at com.bea.portal.tools.da.controls.DelegationRoleManagerControlBean.addUserToRole(DelegationRoleManagerControlBean.java:295)
    at ewp.control.pageflow.login.LoginController.login(LoginController.java:126)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)

    hi
    it should work even if the managed server is not part of the cluster.
    Again do you get this error randomly or can you replicate it?
    Its possible that your Database / LDAP is out of sync. Can you access portal admin console and can you see if the default two visitor entitlements show and you dont get any error saying PortalSystemAdministrator is not valid?
    Also you can just delete the managed server directory (under the domain/servers) it should recreate the LDAP (assuming admin server is running)
    regards
    deepak

  • Visitor Roles creation - NoClassDefFoundError

    Hi,
    I want to use visitor entitlement for my portal application, deployed as an EAR. I've a Session property set defined in my Datasync project within WL Workshop.
    The application has been successfully deployed on the WLS (8.1 SP3), and I've bootstrapped portal data using META-INF/data as the source.
    But anytime I want to create a Visitor role with the Portal admin console to use this property set, I get the following exception :
    Error 500--Internal Server Error
    java.lang.NoClassDefFoundError
         at com.bea.jsptools.vent.backing.VEntBackingPageFilter.isValidInput(VEntBackingPageFilter.java:374)
         at com.bea.jsptools.vent.backing.VEntBackingPageFilter.preRender(VEntBackingPageFilter.java:116)
         at com.bea.netuix.servlets.controls.content.JspContent.preRender(JspContent.java:314)
         at com.bea.netuix.nf.ControlLifecycle$5.visit(ControlLifecycle.java:405)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:618)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:629)
         at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:137)
         at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:220)
         at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:158)
         at com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:360)
         at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:198)
         at com.bea.netuix.servlets.manager.PortalServlet.service(PortalServlet.java:711)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
         at com.bea.servlet.PortalSystemAdministratorFilter.doFilter(PortalSystemAdministratorFilter.java:78)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
         at com.bea.p13n.servlets.PortalServletFilter.doFilter(PortalServletFilter.java:351)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6458)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
         at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
         at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
    This seems odd, 'cause VEntBackingPageFilter comes from adminPortal.war, and I know it is embedded in my EAR.
    Wasn't really lucky with my search in these newsgroups.
    Well, as I'm quite new to portal dev and admin, I wonder if I'm missing something.
    Do someone have any clue on this ?
    Thanks for your help.
    CG

    Hi Jonathan
    I faced the similar problem and will share my observations.
    1. Redeploying a portal applicaton (specailly .EAR mode), can be done in 2 ways. Update existing Deployement like in Weblogic Console, we select Update button and upload latest version of .EAR and click next next etc. Another option is to Completely Delete the Existing deployment and start from fresh deploying the same .EAR file.
    2. I tried second option couple of times, I Deleted the existing portal application from weblogic console. The reason was some of my portlets were not showing up properly. Then I uploaded the latest .EAR file. I could see all my portal changes. BUT lost all my Visitor Entitlemenst, DA stuff on existing portal resources like Pages, Books, Portlets etc. Then I thought this does make sense. When I delete my portal ear completely, internal framework does delete all this security stuff. Reason is Visitor Entitlements, DAs etc are all tied to these portal resources. I lost all entitlements to all my Content stuff also.
    3. But in Update mode, I never lost any existing Entitlements or DA stuff. So I always use Update to upload new version of my portal EAR. And I never lost any existing entitlements or DA stuff etc in this mode.
    Thanks
    Ravi Jegga

Maybe you are looking for