Disable anonymous access doesn't disable anonymous user
By working on #88 (closed), I found out that when we create an instance with anonymous access enable, it creates an user with login = anon and password = anon. If we disable it in the all-in-one.conf, we can still use "anon"/"anon" to connect ourself to the instance.
I don't know if we really can remove the anonyme user if it is disable, it may lead to issue on some application if the user anon is linked to other object.
A solution could be to generate randomly its password, and hide it. We don't need it anywhere, and we don't need it in the all-in-one.conf since changing it here won't change anything.