Review NamedUPCredentialLoginModule for potential violations and security risks.
Completed: At revision: 597752 http://svn.apache.org/viewvc?rev=597752&view=rev
o logout() should remove credentials from the subject. Added a test for the same.
o logout() should destroy credentials when the subject is read-only. Added a test for the same.
o Changes to bring NamedUPCredentialLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html
Completed: At revision: 597834
o A little cleanup
Completed: At revision: 597856