Here's an idea - I'm not sure I would actually recommend DOING this, for security reasons, but it will do what you have asked for...

Most web-based logins use a session id, which is stored on the client side (browser) as a cookie. People go to much effort to generate unique session ids, since chaos will ensue if multiple people have, for example, access to the same shopping cart at the same time.

But in your case, you could create one session, with a session ID of "1", and write this out to every client. This makes EVERYBODY look like "user 1" to the server.

As long as the users do "read only" type operations, this may work. If they can read and write - then you may have a lot of problems.

Note that most cross-site-scripting attacks basically involve a bad-guy stealing someone else's session id, and thus taking over their identity. So...

Also, keep in mind that over the years, programmers have tried really hard to develop idiot-proof applications, but the forces of evolution keep producing better idiots...