I just filed a jira proposal of ZooKeeper authentication enhancement by enforcing auth-info to clients.
The point is that, while ZooKeeper provides a nice authorization framework, it doesn't fit and very expensive to a basic authentication need which requires very straightforward ability to either allow or deny unauthenticated user connections. To achieve this, every znode should have at least one ACL attached. Please take a look at the detail description on the ticket above.
As I believe there must be similar need widespread over the community, please have a look and vote if you agree, so that this can be taken in the upcoming releases with priority.