On Thu, Jul 17, 2008 at 6:09 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote: > If there isn't a _need_ for it, why should we worry about it? If you deploy > jcl-over-slf4j.jar with jsecurity instead of commons-logging.jar, you get > the SLF4J CL behavior. It is a deployment-time decision - not something our > code must force...
Well, there isn't much discussion that there is in fact a major issue with JCL and in my opinion everyone should stop using it now that there is a better alternative. Besides, I did not think the argument was over SLF4J vs JCL but rather JSecurity-logging-facade vs SLF4J. > Why even worry about that while we still have beanutils as a dependency and > commons-logging works fine, or if there are CL issues, jcl-over-slf4J.jar > works fine. As for beanutils, if you haven't already, feel free to open an issue with beanutils and let the same discussion start over there. There is at least one commons commiter on this thread (me) so we can carry the discussion over. As a future user of JSecurity, we're in the works of throwing out our homebrewed solution in FtpServer for JSecurity, I'm in the opposite situation with regards to download size. With the inclusion of JSecurity, we will now have to ship jcl-over-slf4j as we use SLF4J. We already do for Spring but that's an optional dependency and hopefully one that goes away with time. That said, that's just one sample out of many, there are of course others in the reverse situation. /niklas
