Review WrappingLoginModule for potential violations and security risks.
Completed: At revision: 597730 http://svn.apache.org/viewvc?rev=597730&view=rev
o logout() should remove principals only when the subject is not read-only.
o logout() should remove/destroy credentials.
o Changes to bring WrappingLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html
**: This commit can use a thorough review.
Completed: At revision: 597830 http://svn.apache.org/viewvc?rev=597830&view=rev
o Moving principal wrapping tests to a different testcase.