Bizarre or brilliant?
Appalling! Hope you're prepared to bail when these geniuses screw up royally and take something critical down. They evidently don't have a clue.
ALL webapps are WARs, per the
J2EE standard. A WAR is nothing but a JAR with a specific structure. Some appservers also support "exploded" WARs, which are nothing more than WARs that have been UnZipped (since a WAR is a JAR and a JAR is a ZIP file with a META-INF in it).
There is no such thing as a "WEB-INF/lib" directory in ANY J2EE application server. WEB-INF and its lib and classes subdirectories are part of the structure that makes a JAR a WAR. Without WEB-INF, it's a JAR, not a WAR, and the server is at liberty to ignore the JAR, or even crash and burn (hopefully not, since that's not very robust handling).
So what this bunch of brilliant folks are
really doing is slapping a bunch of files into an existing exploded WAR structure, and in my book, that's
less secure than deploying an integral WAR
unit, not more.
Qualification: I said "All webapps are WARs, but actually, full-stack J2EE also supports collections of WARs (and other webapp resources) bundled in an EAR. Some servers, such as WebSphere will deploy simple WARs by synthesizing the parts of an EAR that would have otherwise been present so that all of its deployed apps are actually EARs.