Hey Lukas - that's a tricky problem to solve! Here are my thoughts:
1) Agreed would be hard to maintain.
2) is too fragile - who knows what mappings some people might use.
3) The problem is it can circumvent an applications page security if they are using web.xml to secure their resources. Imgine they put protection on /admin/* and un benownst to them, there admin section is now available under /org.richfaces.resources/
Rather than a FacesServlet mapping, can we provide our own custom servlet to serve only these resources? This would be mapped to a url as you proposed above, but would be secure as it would only serve the resources you intend.
1) WDYT about interpreting links in common CSS files as JSF resource links? This can be a runtime/compile time enhancement over standard CSS (maybe just for selected resource libraries).
2) IMHO most people use suffix mapping, so this won't work.
3) I agree this can conflict with either security configuration as integration with 3rd party libraries.
Thanks for sharing your thoughts,
I have implemented ResourceServlet which serves resources only from /org.richfaces.ckeditor/ library and which delegates to FacesServlet.
I'm going also reference common CSS and JS files as JSF resource links so browser will be able to pre-cache them.