> > The biggest issue for me is that class > loader issues are *really* difficult to diagnose, so if people have > issues 6 months down the line, we'll probably decide it's a > configuration error on their part. That's if they report them rather > than simply dumping JSecurity. >
I think that's an excellent point worth keeping in mind. Also, seeing how most people in the thread are against the idea of the the abstraction layer, and that no matter how simple the layer it still creates more moving parts than not having it and if we follow the principle of keeping things as simple as possible it would be best to leave the layer out until we come up with an absolute need of having it. I do think it would be nice to not require 3rd party libraries unless the end user chose to utilize them, but over all it seems that it might be best to cross that bridge when we get there. Just my $0.02! :)
