I have  a self written ClientLoginModule (reading a X.509 certificate) a  ServerLoginModule. The Transport is done using SecurityAssociation, on the ServerLoginModule I want to change/replace the Principal and I want the LoginContext on the client side to know about the changed principal?
So, can I use the SecurityAssociation for sending data back from Server to Client?
As much as I know - You can't. SecurityAssociation is only container for credentials. But, in your ServerLoginModule You have method getIdentity() which return logged principal.
On client side try to get this info from LoginContext, with method getSubject().