Per this thread: http://www.jsecurity.org/node/1081#comment-289
It appears that we can't use Ki. So far the development team seems to be happy with "Apache Security API", which can have (good) far reaching implications for a good quality framework. Any objections? - Les
