diff -r a4af502191d5 -r d7c33cbdce8b web/application.py
--- a/web/application.py	Thu Jan 29 10:54:41 2015 +0100
+++ b/web/application.py	Tue Mar 31 10:22:05 2015 +0200
@@ -365,12 +365,6 @@
                 # several cubes like registration or forgotten password rely on
                 # this principle.
 
-            # DENY https acces for anonymous_user
-            if (req.https
-                and req.session.anonymous_session
-                and self.vreg.config['https-deny-anonymous']):
-                # don't allow anonymous on https connection
-                raise AuthenticationError()
             # nested try to allow LogOut to delegate logic to AuthenticationError
             # handler
             try: