When specifying a custom LoginModule implementation in a geronimo-application.xml file, the class cannot be loaded if it is in the EAR. Debugging, the classloader being used belongs to OpenEJB rather than the one for the application. I have tried both versions 2.0.2 and 2.1.
This bug was discovered and discussed in the mailing lists (http://www.nabble.com/Custom-LoginModule-classloading-issue-in-gernimo-2.0.2-td14404472s134.html) but I couldn't find any JIRA's for it. Note that the workaround discussed in the thread cannot be used in our application, though I tried it anyway and couldn't get it working.