Zope has a flexible, fine-grained security model that lets you configure
context-dependent mappings from users to roles and from roles to
permissions. The model fits most organizations' needs and has been used
all over the world, but the flexibility sometimes comes at a price of
complexity.

One major difficulty in using the Zope security model is its lack of
clarity when access is denied. Because production sites should not reveal
too much about the site to those who are denied access, the lack of
verbosity in the default Zope security policy is appropriate for such
sites. But site developers need more details.

This product attempts to explain the complete reasoning for failed
access. It shows what object was being accessed, what permission is
required to access it, what roles map to that permission in that context,
the executable object and its owner, the effective proxy roles, and other
pertinent information. All of this information appears in the exception
message when access is denied.