If your using SRP you should to be combining the org.jboss.security.srp.jaas.SRPLoginModule and org.jboss.security.ClientLoginModule with password-stacking="useFirstPass" so that the ClientLoginModule simply accepts whatever type of Principal has been set in the sharedState map under the javax.security.auth.login.name key. However, the SRPLoginModule is putting the principal username into the sharedState rather than the SRPPrincipal so your workaround is fine.
This change has been checked in for 3.2.6+
Thank you for the answer.
My workaround is like you sugested but I'm not realy satisfied with it. That's because I can't use the SecurityAssociationActions (the visibility is at package level) and another problem is that the direct use of SecurityAssociation is discouraged by you in your documentation materials as being internal API and passible of changes). So I'm realy waiting for the 3.2.6 version ....
I love your work. Thank you.