If joomla is randomly generating the salt each time, how in the world does it validate user's logins against it. I thought normally the salted password was supposed to be stored somewhere as regular text and you validated against the hashed version of that and hashed password.

Not familiar with joomla in particular, but most salted passwords either contain the salt in the password string, seperated my a delimiter (typically $ or some other non alphanumeric character). Or it may be stored in a seperate column in the db table

Joomla generates a random salt for each password. Here you can find valuable information on how to work with the joomla methods to generate passwords:

http://forum.joomla.org/viewtopic.php?f=476&t=308499

From that bit you can see that the salt is stored after the password with a colon as delimiter.

$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword("blabla", $salt);
$password = $crypt . ':' . $salt;

[EDIT] I just needed to write an Authorisiation Validator with Zend_Auth to validate against a Joomla (1.0) install and I thought I'd update the information here about it. A snip of my code.

$dbAdapter = Zend_Registry::get('jdb');
$this->_authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
$this->_authAdapter->setTableName('jos_users')
->setIdentityColumn('username')
->setCredentialColumn('password');

//Joomla 1.0 uses hashes in the form md5(passwort + salt) + salt
$users = new Users();
$hash = $users->getHash($value);
$salt = substr($hash, strpos($hash, ':') + 1);
$password = md5($context['password'] . $salt) . ':' . $salt;

[/EDIT]

In the password field in the users table, it's the bit after the ":"

The formula is something like

password DB field = md5(password + salt) + ":" + salt