First of all, custom logging below $CATALINA_HOME is wierd and were I the sysop I would flat-out disallow this. It's too close to the web server being allowed to write to its own files, to my way of thinking.
OTOH, shell access to the webservers for devs is incredibly useful, even if all they can do is look. I have that kind of access on our web servers and it is most helpful.
Logging is the big reason. Logs of events occur in Prod that, not unreasonably, occur nowhere else. We need access to those for diagnosing real issues that occur on Prod. And for "debugging" things that can only occur in Prod often when interacting with third-party links that can only be done from Prod. We also use the access to verify code drops because Operations have a kind of set-and-forget mentality when doing releases.