Personally i think we should make a release that is easy to understand for new users. The question what should be the default security does not really apply for users that have already an security system running, abd if a user has context-demands, it can be changed easily.
Putting this all together is would say use the cloud context as the default, so new users dont have to understand the complex xml (i know some people who do find it complex, and why bother them with it, when it is not really nessecary). Changing passwords can be done in the editors and could be even profided inside an additional jsp Also the argument of un-installing builders is not a real stong one, since the new release offers the possiblity to remove builders. I'd say we should focus on a simple as possible install, which can always be configured to use more complex functionality. (it will be more easy to understand for users) > Context security being default: > [_] +0 (ABSTAIN ) > Cloud security being default: > [_] +1 (YEA) Eduard
