I don't know the internals, but if the cache can be omitted at all in default configuration, this is probably the best way to go. So I agree. All in all, I believe that there should be no assumption of having EHCache on the classpath by default - this should be configured explicitly. Regarding default realm with default users: this concept was a bit strange for me at first, and is definitely unusual, but on the other hand it has some advantages: for example, it may be useful for some kind of testing, I think, and for fast prototyping. For me it is hard to say which one is better: having the default realm registered by default or not.
-- View this message in context: http://n2.nabble.com/Problematic-first-steps-with-JSecurity-tp1316205p1481943.html Sent from the JSecurity Developer mailing list archive at Nabble.com.
