Have in mind that this is likely to change when we finish separating authentication from role mapping in the JAAS login modules.
What I am trying to make sure of is that the configuration for the domain management is following the same approach as for the AS security domains so when you say this will be changing do you mean before JBoss AS 7 is released?