Contrary to the comments on the mailing list thread, this isn't an openejb problem. Login modules are global resources and we need to set a thread context classloader suitable for a realm before trying to use it. Kinda messy.... but we didn't write the jaas spec. Openejb doesn't know which app you might be interested in at the point it is trying to authenticate you here, so it wouldn't know what to do anyway.
I'd like to know what problems you found with the configuration suggestion I made in the thread. The user list would be a good place to discuss that.