[classlib][auth]Tidy up and tests of javax.security.auth.Subject.java

I have investigated Subject.java to understand the differences in behaviour between the RI and Harmony. There are several differences noted in the test files SubjectTest.java and SecurityTest.java which I have investigated and then mades some changes.

I will attach a patch with my changes which can be divided into the following parts:

• Change to Subject.toString(): Changed to match RI so that I could write a testcase (there was a FIXME in the code).
• When invalid Principal objects are put into the Principal set, I have changed the exception from IllegalArgumentException to SecurityException. The message text is unchanged (for example, "Element is not instance of java.security.Principal". My reasoning is that applications would be expecting the SecurityException in this case although it could be argued that an IllegalArgumentException is more suitable for adding to a Set. I have updated the relevant tests.
• I have added comments to all the tests which show different behaviour on the RI so that it is easy to understand which tests are different and why.