This does not directly answer your question, but why are you not using the "provided" scope. Example:
<dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.1</version> <scope>provided</scope> </dependency>
This way your WAR will not be filled with JARs that are already provided by JBossAS.
This does not directly answer your question, but why are you not using the "provided" scope.
In my case they are all transitive dependencies that need to be excluded. So yes, I could add them as top level provided dependencies or add them as 'excludes' but it is a pain.
Plus, in other cases, say I want to include the latest Hibernate libraries. I hit the same classloader problem that I thought isolation was supposed to solve.
Isolation, while handy, is not infallible. Let's say that class A uses class B which in turn uses class C. Classes A and C are in your isolated EAR. Classes B and C are in the lib directory. You now have a problem because the "C" you are using is from the lib directory, not the EAR. The solution to this situation is to also package B within the EAR. In many cases this is possible, in some cases it is not, especially if the standard Java EE libraries are involved.
One way to resolve such situations is to set the -verbose:class JVM command-line option. This option causes the classloaders to print out each class loaded and the JAR file the class came from. This might help solve the isolation issue.
As far as the Maven transitive dependencies go, I cannot think of any way around it that would not be more painful.