Not possible to do without authentication, but luckily all you need to do is obtain an access key for their account, not the accounts of anyone visiting the site. If their account “owns” the appropriate Twitter application on dev.twitter.com, you can generate keys directly in the application settings page.
Then the only thing to do is use the application’s consumer key+secret, and the generated access key+secret to send signed requests to the API. Most good client libraries make it pretty easy to do this.
