Major Description
The user principal is something that uniquely identifies a user. An authentication token is the item that authenticates the user principal, may be temporal, and may vary. It is not clear from the implementation of ACCUMULO-259 that these are separate things, and I think it would benefit the API to distinguish them.
It could also simplify the API, for users transitioning from the old authentication stuff to the new authentication stuff, because there would be a one-to-one mapping with the username/password with which they are familiar:
public Connector getConnector(String username, byte[] password);
becomes
public <T extends AuthToken> Connector getConnector(Principal userPrincipal, T authToken);