Why exactly this is as it is, I can't say for sure, but that is definitely the way to authenticate in JBoss. The Context stuff is explicitly not supported in JBoss, you must use the ClientLoginModule.
My guess is, that's the way it is because 1. JBoss tries to use JAAS in a consistent way (that's why you specify a JAAS login module to bind your credentials instead of setting some properties in a class); and 2. there are probably some more things happening behind the scenes and the author thought it would be cleaner to wrap this in an object like the ClientLoginModule.
Finally got everything working! I just used the standard - AppCallbackHandler implements CallbackHandler class.
AppCallbackHandler handler = new AppCallbackHandler(user, pass.toCharArray());
LoginContext lc = new LoginContext("client-login", handler);
The client used auth.conf by setting -Djava.security.auth.login.config==auth.conf which contained -
thanks for you input.