No, but he didn't say that he needed that. Not everything needs to be locked with key and authentication. Think intranet wiki, work group data, user preferences

If authentication is important, there might be other ways: A login/startup script could put a personalized cookie (i.e. a random number) into the cookie file of the browser and tell the server which user has which cookie number. This is a hack since you have to know which browser is used and if that browser changes its cookie file syntax, your app will malfunction and could even stop the browser from running.

But if the browser is not the normal browser but a separate instance started and solely used by the application this would be acceptable.