I can't get an Unauthorized exception view to work with current Zope 2.12 svn. My approach was: - add a dummy PAS challenge plugin which does nothing, effectively delegating everything to my Unauthorized exception view - register a browser view for Unauthorized and return a proper error message there unexpectedly the result is a stock Zope2 site error page. What seems to happen is that everything works correctly, up to this point the zpublisher exception hook in Zope2.App.startup: if issubclass(t, Unauthorized): # Re-raise Unauthorized to make sure it is handled # correctly. We can't do that with all exceptions # because some don't work with the rendered v as # argument. raise t, v, traceback v is the html as generated by my view. Reraising the exception transfers control to the bare except in ZPublisher.Publish.publish_module_standard, which generates the standard site error page and returns that. What is the reason for re-raising Unauthorized there? There is no special processing for it anywhere up in the call stack, so I can see no benefit to it. If I remove that code block so we always return the result of the view everything works as I would expect. Wichert.