I'm re-posting my question about this here because it isn't really related to other logging discussion.
If we include the SLF4J API and a default Binding implementation inside of jsecurity.jar, are you all sure we won't have to worry about classloading issues at all? What if our default Binding implementation is utilized by SLF4J before user-configured binding is utilized? All binding implementations the exact same package and class name: org.slf4j.impl.StaticLoggerBinder. For example, the org.slf4j.impl.StaticLoggerBinder implementation the slf4j-log4j12.jar uses the Log4J 1.2 API. The identically packaged-and-named org.slf4j.impl.StaticLoggerBinder implementation slf4j-jdk14.jar uses the JUL API. If we have our own org.slf4j.impl.StaticLoggerBinder that implements my desired graceful degredation logic, are we sure this won't override a user-configured SLF4J binding? I think it might because then its a race condition to pick up the first org.slf4j.impl.StaticLoggerBinder class found by the class loader. Any ideas?
