Since we are all out complaining about things we'd like to see differently in Zope, let me do my complaining here. IMO, the string exception problem is one of the worst simptoms of Zope string addiction. There are way too many parts of Zope that depend on using the right string value. Exceptions and permissions are the worst two, I think. Zope exceptions should be classes, as seb explained, but ideally the should inherit from a common Zope Exception that is already security declared, so that we can import and catch them in restricted code. I'm tired of writing python scripts that need to do a blind catch because the thing I'm trying to catch is a sligth different form of 'Bad Request' for something as simple as creating an object in a folder that happened to have the same id of an object already there. Any string exception in Zope core or in products should be considered a bug. As for permissions, I bet many of you have spent a fair amount of hours debugging a permission problem just to find out that you misspelled or miscapitalized (is that a word?) a permission and created another permission in the process. I think that permissions should be registered somewhere in order to be used, and the declarative security machinery should barf (or at least complain loudly) at any attempt to protect something with an unregistered permission. I envision something in the lines of: :# some product module : :from AccessControl import declarePermission : :editSomeStuffPermission = declarePermission("Edit some stuff", roles=( : "Manager", "Owner")) Which would declare a permission called "Edit some stuff" and automatically give it to the roles roles "Manager" and "Owner" In the end, editSomeStuffPermission might end up being a plain string, but if it's not a string, it could be security declared so as to be importable by restricted code. Speaking of permissions, when something is not accessible by web or restricted code, it should not trigger the Authentication mecanism. Since there is no login:password combo that could be used, as there is no role that would allow access, Zope shouldn't ask for them. And speaking of roles, I'm not sure if they should be unstringfied also, but since they aren't used directly (much) I don't see a pressing need to unstringfy them. Cheers, Leo -- Ideas don't stay in some minds very long because they don't like solitary confinement.