A bit hard to say without more details, but the only things in EJB3 that have injection performed on them are classes annotated with
(and the JBoss extensions @Service and @Consumer).
If LoginModules can be created as EJB3 beans and hotdeployed I am not actually 100% sure, but a posibility could be for your LoginModule to delegate validation to a @Stateless bean which then accesses the entity manager.
I found a solution that is not very elegant but works!
My CustomLoginModule is a @Management @Service and therefore
@Inject-ion works and the create()-Method is executed upon startup. There i take the successfully injected EntityManager and put it in a static member where each instance of the Login Module is able to access it.
As I said: Not beauty, but works.