I have a custom login module that resides in login-config.xml, let's call it test1. If I deploy an ejb or webapp with the proper <security-domain> tag set to test1, everything works fine.

What I'd like to do is not have to provide a security-domain tag and default to some specific <application-policy>, similar the use of the application policy "other" when an unknown domain is used in <security-domain>. Is there any way to do this, or must the <security-domain> tag be present to use a custom login module?