Modern computing networks provide access to a wide variety of computing resources such as data management, data processing, communications and the like. With increasing number of computing resources and associated users, increasingly more complex access control policies may be defined and applied. Thus, when a user's request to access a computing resource is denied, it may be difficult for a system administrator to determine the cause of the denial of access. Although a user whose access is denied is usually presented with some error message such as “Access denied,” such an error message is often kept general to avoid giving a malicious party clues of how to exploit a vulnerability. Hence, such an error message may not include sufficiently details to allow an administrator to effectively debug the access control policies.