Do I strictly need authorities for user-service in Spring?

Question

If I remove

<authorities-by-username-query="myquery"> 

in my jdbc-user-service then my form always gives me 'bad credentials'. I've checked it triple times , I cannot authorize person without giving him at least one authority?

Answer 1

the idea is that all users should have an authority to determine what pages/links a user should access

if you only have users, Set the render for the authority field in the view to false and then tell the controller to always set the role as "ROLE_USER"