[Erik Enge] | def index_html(self): | """we have a doc string""" | return DTMLFile('index_html', globals()) | | And that worked [...] Actually it doesn't. Don't know why I thought it did. This however does work: index_html__roles__ = ['Manager'] def index_html(self): """we have a doc string""" return DTMLFile('index_html', globals()) There's something here I don't understand. My __bobo_traverse__ raises an unauthorized: def __bobo_traverse__(self, REQUEST, name): """Intercept the traversal""" if name: if hasattr(self, name): return getattr(self, name) self = <my_object at somewhere> REQUEST = the correct mapping object name = 'index_html' If I comment the __bobo_traverse__ away, the one in Application.py is used: def __bobo_traverse__(self, REQUEST, name=None): try: return getattr(self, name) except AttributeError: pass [snip] I've snipped it, because in this case getattr() always works. self = <Application at somewhere> REQUEST = the correct mapping object name = 'account' And this one doesn't raise an Unauthorized (and the name is different - maybe there is traversal going on elsewhere too?). Anyone "been there done that" before? Thanks in advance. :)