It should be possible for the server to let only authorized users connect. At least user authorization by username and password must be possible. Authorization via Kerberos or NTLM, or certificate based would be nice.