'true'/'false' value specifying if the client needs to submit a valid auth, 'false' by default (enable this for SSL-based user auth).