Alex Deparvu, as discussed today it seems that the following block in LoginModuleImpl.getLoginId can never be reached
the reason for this: that block resides inside an if-statement verifying that credentials are not null. if credentials are not null they will be any of the supported classes according to the implementation of getCredentials, which will return null if none of the credentials extracted from subject/callback/sharedstate is supported.
as discussed the safest way to deal with this is probably to get rid of that block altogether. let me know if you have any concern with that approach.