Zope does not by default store tracebacks for "Unauthorized" errors. Here is how to get them.

  1. Edit zope.conf. Look for where it says "security-policy-implementation". Add these two lines:

    security-policy-implementation python
    verbose-security on
    
  2. Restart zope.

  3. In the ZMI go to the error_log object (in the Root), open it and remove "Unautorized" from the list of "Ignored exception types".

  4. Reproduce the problem, go to the error_log and find the right traceback.

  5. Paste the traceback to a pastebin.

  6. Got it? Then: revert step 1 and step 3.

  7. Restart zope again, so your production system isn't slowed down by the "verbose security" setting.