Hi,
Does JBoss server have any feature through which application code "will not" get access to JBoss system/server classes (any security sensitive classes) ? As I understand, any application user can walk their way to JBoss internal classes through classloading heirarchy or use reflection to achieve the same ?
Thanks,
Krish