Problem: I traverse /foo/bar/guests/1/display, but even with admin access, having the manager role, I get an 'unauthorized' error, when 'bar' doesn't have the 'access contents information' right set for the anonymous role. Solution: After reading http://mail.zope.org/pipermail/zope/2005-February/156553.html it dawned me - in the sql method I query an attribute of the 'bar' folder, to determine the table to query from. As traversal (hoping over the 1 in guests/1/display) comes before authentication, I am stuck in the anonymous role at that point in time.