Destroys any credentials relevant to this LoginModule.
This typically means ending any session that was created as part of this LoginModule.
If the subject isn't readonly, this also remove any principals and credentials added as part of the earlier authentication.
true if this method succeeded, or false if this LoginModule should be ignored.