users@glassfish.java.net

Re: Custom authentication

From: <glassfish_at_javadesktop.org>
Date: Wed, 24 Mar 2010 13:52:08 PDT

1. Yes. Neither the profile nor the interface was defined with the expectation that the SAM should or could replace the Subject. A SAM adds principals if it knows what principals are relevant to the policy subsystem, or perhaps to a downstream authentication system. The GroupPrincipalCallback is used by a SAM when it wants to assign principals that the container's p2role-mapping system will recognize as groups. A SAM that has a tighter relationship or dependence on a specific underlying policy system or P2role mapping system can directly add principals that it knows will be properly interpreted.
2. It can. If it does, it *should* find a way to add them to a part of the session that applications are not able to write to, and yes, it could then restore them for use by the container.
[Message sent by forum member 'monzillo']

http://forums.java.net/jive/thread.jspa?messageID=393574
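The pattern described in point 1, as an added example that is not part of the original message or GlassFish's own code: a JSR-196 ServerAuthModule that leaves the container-supplied Subject in place and asks the container's CallbackHandler to add the caller and group principals. The class name and the two abstract methods (`authenticate`, `groupsFor`) are hypothetical, and the `javax.*` package names assume a Java EE 5/6 era container.

```java
import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.message.*;
import javax.security.auth.message.callback.*;
import javax.security.auth.message.module.ServerAuthModule;
import javax.servlet.http.*;

// Hypothetical base SAM: subclasses supply the credential check and group lookup.
public abstract class PrincipalAddingSam implements ServerAuthModule {
    private CallbackHandler handler; // supplied by the container in initialize()

    /** Returns the authenticated user name, or null if the request is not authenticated. */
    protected abstract String authenticate(HttpServletRequest request);
    /** Returns the group names the container's principal-to-role mapping should see. */
    protected abstract String[] groupsFor(String user);

    @Override public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
                                     CallbackHandler handler, Map options) {
        this.handler = handler;
    }
    @Override public Class[] getSupportedMessageTypes() {
        return new Class[] { HttpServletRequest.class, HttpServletResponse.class };
    }
    @Override public AuthStatus validateRequest(MessageInfo info, Subject clientSubject,
                                                Subject serviceSubject) throws AuthException {
        String user = authenticate((HttpServletRequest) info.getRequestMessage());
        if (user == null) { // fail closed: no principals are added
            ((HttpServletResponse) info.getResponseMessage()).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return AuthStatus.SEND_FAILURE;
        }
        try { // add to the Subject the container passed in; do not construct a replacement
            handler.handle(new Callback[] {
                new CallerPrincipalCallback(clientSubject, user),
                new GroupPrincipalCallback(clientSubject, groupsFor(user)) });
        } catch (IOException | UnsupportedCallbackException e) {
            AuthException ae = new AuthException("container rejected principal callbacks");
            ae.initCause(e);
            throw ae;
        }
        return AuthStatus.SUCCESS;
    }
    @Override public AuthStatus secureResponse(MessageInfo info, Subject serviceSubject) {
        return AuthStatus.SEND_SUCCESS;
    }
    @Override public void cleanSubject(MessageInfo info, Subject subject) {
        if (subject != null) subject.getPrincipals().clear(); // called on logout
    }
}
```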