I found an interesting problem where when the AuthoringUI was being redeployed via some task, it caused the security mappings to be missing, so you'd see a "IWKAP0009E Servlet is not available" message when you click the "New" button in the Authoring Portlet.
If this happens in the future, you will see something similar to this error and you will see "Servlet not enabled" when you click the "new" button in WCM authoring portlet:
[8/12/13 5:34:27:572 EDT] 0000003e WebCollaborat A SECJ0129E: Authorization failed for user YOURUSER:YOURREALM while
invoking GET on default_host:/wps/PA_WCM_Authoring_UI/AuthoringUIServlet/menu/popup/new, Authorization failed, Not granted any of the required roles: All Role
The ideal thing to do first is to check your wimconfig.xml and your security.xml to ensure the realms are correct. Here is a technote for a failing xmlaccess that shows the file location and the property to check for the realms:
If you check both files, and they are correct, then there are two actions you can take to resolve:
1) Follow the steps below to update the security mappings. (This is a configEngine task so does not require a restart):
Servlet not enabled
The Authoring Portlet and legacy Web Content Viewer portlet contain a servlet which is used to handle AJAX requests. Permissions need to be set on this servlet.
Apply servlet permissions by running a config engine task. To apply permissions for the Authoring Portlet, run: ConfigEngine.sh action-set-wcm-authoring-permissions. To apply permissions for the legacy Web Content Viewer portlet, run: ConfigEngine.sh action-set-wcm-legacy-localrender-permissions.
2)Login to the WAS console
Navigate to Applications > Enterprise Applications
Locate the "PA_WCM_Authoring_UI" application and click on it
Click "Security role to user/group mapping"
Ensure that the following special subjects are mapped:
Everyone role: Everyone
All role: All Authenticated
Please note that #2 requires a restart of WAS and a synch, so I would recommend step #1.