Thanks to dancampb (https://supportforums.cisco.com/discussion/10783596/wlc-4400-issue-user-login-policies-parameter):
The user login policies is to limit the number of concurrent logins of the local netusers of the controller. It doesn't track the usernames from radius since the usename may not get picked up depending on the EAP type. You can limit the number of concurrent logins from the Radius server.
-If I helped you somehow, please, rate it as useful.-