I woudl argue that the guest is still authenticating use its MAC address. In the logs and such, you can still get username level reporting and visibility.
If that isn't acceptable, then it would most likely involve some sort of cookie arrangement however, I'm not a http expert.