Debugging Unauthorized and turn off redirect

Turn off redirect in Plone 3/4 on Unauthorized Errors

UnauthorizedToday I had to debug a security related problem. In a complex site at some places a Unauthorized came up. I did all the holy steps needed I know (see It still ate up my error-message and even with log level DEBUG at all places no output with any value was available. This primary because the redirect to the login_form happened.

Ok, where can one turn off redirect to the login_form? To find this I had to step through the publishing process and found one of these lovely monkey-patches of Plone. It patches quiet and hidden and so it took me a while to recognize:

It is in The patch code itself is in while patching happens in the on zopes inititialize call.

I commented the line with monkey.installExceptionHook() and afterwards I got a wonderful traceback in my error_log.

I hope this may help somebody else.

Image by Bill Mill at flickr under CC-BY-SA