SAML Token Principal can be propagated to the EJB layer, which right now we are not seeing.
Here are the results we see,
16:23:43,521 INFO [stdout] (default task-9) class org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl
16:23:43,522 INFO [stdout] (default task-9) subjectName
16:23:58,617 INFO [stdout] (default task-9) class org.jboss.security.SimplePrincipal
16:24:15,751 INFO [stdout] (default task-9) anonymous
CXF code isn't creating the Subject for the security context in a way that the EAP, or JEE containers, can understand. For UsernameToken type authentication this is done through org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor, but I'm unsure if this applies to SAML tokens.