Not sure if I understand exactly your problem but I have a LoginModule access a secured EJB. I used RunAsLoginModule as an example.
The problem is that JBoss has a stack containing principals and credentials. When a login module is called this stack is empty so if your LoginModule tries to acces a EJB the security intercepter tries to re-login and you end up in an infinite loop. At the beinging of you login() method you need to push the role that is defined in your jboss.xml. This way when the security intecrept is applied it will find the correct role and let the access through.
In order to have login() push the roles defined in jboss.xml I need to retrieve them from a secured EJB. Kind of hen-and-egg problem ...
A login module in domain1 cannot call a secured ejb in domain1. You can specify the security domain at the bean level using the container-configuration setup of jboss.xml:
<jboss> <enterprise-beans> <entity> <ejb-name>AuditMappedEJB</ejb-name> <local-jndi-name>cmp2/audit/AuditMapped</local-jndi-name> <configuration-name>Secured CMP 2.x EnitityBean</configuration-name> </entity> </enterprise-beans> <container-configurations> <container-configuration extends="Standard CMP 2.x EntityBean"> <container-name>Secured CMP 2.x EnitityBean</container-name> <security-domain>java:/jaas/other</security-domain> </container-configuration> </container-configurations> </jboss>