Don't think and worrie about too much the domain
Each of the server instances in the domain is nothing else than a standalone server but sharing the profile and some configuration in the donaim.xml.
You can simple look into the war application and compare the configuration follow the server-server-group-profile links in the configuration. The servers are started with port-offsets as you might do with standalone-servers.
And this way is easier to provide as a running example as there is no error prone start of different servers with the correct parameters.
I am facing the same issue while doing a client-server invocation from war to ear. I want to propagate the security credentials from war to ear to authenticate the EJBs. Both are using security domains. I am setting the context data in the ClientInterceptor , but it is never being invoked while doing the lookup.
Below is the code snippet for the ejb lookup.
Properties props = new Properties();
Context ctx = new InitialContext(props);
JBossLogin server = (JBossLogin) context.lookup("ejb:cls-calogi-app-188.8.131.52/jf-security-implementation-4.1.0//JBossLoginBean!com.emirates.jfoundation.security.jboss.ejb.interfaces.JBossLogin");