[Auth] Use BasicAuth during transition to BeakerNG

[StykMartin]

Hello,

As I'm working on the changes, there is a huge skeleton in the closet.
I'm speaking about Auth what we have in Beaker.

We have 3 types of how you can do auth

• BasicAuth
• Kerberos
• OAuth2

I will start from the easiest one

• OAuth2, I can tell right now that this will not work properly and it is not the suitable solution (Well, that's the reason why no1 really used it, like ever.)
• Kerberos, great thing, however our implementation of it is terrible. This has to be rewritten from scratch because we shouldn't use low-level GSSAPI to achieve those goals. Plus, all lab controllers have to be connected via Kerberos then as well.
• BasicAuth, what can I say. Basic. Good. It worked. Most of the companies are running this right now.

Therefore I would like to drop support for Kerberos and OAuth2 at this moment, so it is easier for us to put pieces into place (Hi Python 3).

And then we can evaluate this further like multiple identity provides running side by side (this is something that OCP and RHV are doing). Service accounts where it is need - looking at you, Lab controller.

[renanrodrigo]

+1 to multiple providers in NG.
Looking from the UI side, when we are rewriting it, authentication is easier to implement from scratch, we can design it to work as we wish.
Also agree with the poor current Kerberos flow.

I think wit is fine to drop it now, and then rewrite it in a more flexible way so we can accomodate the CLI, UI and LCs appropriately.

[StykMartin]

Also agree with the poor current Kerberos flow.

What!? I wrote that part. 😿

[renanrodrigo]

Kerberos, great thing, however our implementation of it is terrible. <Styk, Martin [2021]>

[JohnVillalovos]

We only use BasicAuth in our environment at this time. Support for SSO (Single-Sign-On) would be great, but at the moment we don't need it.