...

The KIP proposes adding getSupportedPrincipalTypes to the Authorizer interface. Each authorizer implementation can override this method to report the principal types it supports, and AclCommand can use that information to validate ACLs. By default, getSupportedPrincipalTypes will return Set(KafkaPrincipal.USER_TYPE), so existing authorizers will continue to work without changes unless they want to make use of this information.

Once this method is added, we expect the client of the authorizer to validate principal types; the authorizer itself will still not do any validation. As an alternative, we can add the validation at the Authorizer level. Validating on the client side lets clients fail fast on invalid principal types, whereas implementing it at the authorization level removes the need for every client implementation to do the validation.
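A sketch of the client-side check described above, added here as an illustration and not taken from the KIP or from Kafka's code base. The `Authorizer` trait, both authorizer classes, the `Group` type, the exact-match comparison and `validate` are simplified stand-ins assumed for this example; only `getSupportedPrincipalTypes` and its `User`-only default come from the proposal.

```scala
// Added illustration: simplified stand-ins, not Kafka's real classes.
object PrincipalTypeValidation {
  val UserType = "User" // stand-in for KafkaPrincipal.USER_TYPE

  // Stand-in for the Authorizer interface with the proposed method and default.
  trait Authorizer {
    def getSupportedPrincipalTypes: Set[String] = Set(UserType)
  }

  // An existing authorizer inherits the default and needs no code change.
  class DefaultAuthorizer extends Authorizer

  // Hypothetical third-party authorizer that also accepts a "Group" type.
  class GroupAwareAuthorizer extends Authorizer {
    override def getSupportedPrincipalTypes: Set[String] = Set(UserType, "Group")
  }

  // Parse one "Type:name" string and check its type against the supported set.
  // Matching is exact (an assumption of this sketch), so a mistyped type such
  // as "user" is reported instead of being accepted.
  private def check(p: String, supported: Set[String]): Either[String, (String, String)] =
    p.split(":", 2) match {
      case Array(t, n) if t.nonEmpty && n.nonEmpty =>
        if (supported.contains(t)) Right((t, n))
        else Left(s"$p: unsupported principal type '$t'")
      case _ => Left(s"$p: expected Type:name")
    }

  // Client-side validation (the role AclCommand plays in the KIP): fail fast,
  // returning every problem found before any ACL is written.
  def validate(authorizer: Authorizer,
               principals: Seq[String]): Either[Seq[String], Seq[(String, String)]] = {
    val supported = authorizer.getSupportedPrincipalTypes
    val results = principals.map(p => check(p, supported))
    val errors = results.collect { case Left(e) => e }
    if (errors.nonEmpty) Left(errors)
    else Right(results.collect { case Right(ok) => ok })
  }

  def main(args: Array[String]): Unit = {
    // Constructed input: one valid user, one mistyped type, one group.
    val requested = Seq("User:alice", "user:bob", "Group:admins")
    println(validate(new DefaultAuthorizer, requested))
    println(validate(new GroupAwareAuthorizer, requested))
    println(validate(new GroupAwareAuthorizer, Seq("User:alice", "Group:admins")))
  }
}
```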

An alternative to exposing the supported principal types through the interface is to provide them via a config option. A config option would help certain third-party implementations that use SimpleAclAuthorizer but support more principal types. However, it requires adding one more config.

...