I am using LDAPUserFolder with Zope 2.5.1 to authenticate users. I have users in groups (which show up as roles in Zope) such that the group names are part of some folder names, and I want to put the users in roles in the context of a folder based on whether they are in a group that matches the folder name and a certain role name. This should allow me to assign permissions to those roles in a containing folder and have them apply only to the folders that a user is in a group for. For example, if I put user 'jhohm' in group 'foo_dogs', then 'jhohm' automatically has the 'foo_dogs' role, but I also want 'jhohm' to have the 'dogs' role in the context of the '/auto/foo' folder; likewise for 'bar_dogs' giving 'dogs' in '/auto/bar', etc. Then I can just assign permissions to 'dogs' in '/auto'. I figured that one way would be to create a product inherited from OFS.Folder that defined an __ac_local_roles__ method, but I'm not having much luck with that (it seems to do nothing). Am I even on the right track?