Do I strictly need authorities for user-service in Spring?

If I remove

<authorities-by-username-query="myquery">

in my jdbc-user-service then my form always gives me 'bad credentials'. I've checked it triple times , I cannot authorize person without giving him at least one authority?

Solution

the idea is that all users should have an authority to determine what pages/links a user should access

if you only have users, Set the render for the authority field in the view to false and then tell the controller to always set the role as "ROLE_USER"

Session timeout leads to Access Denied in Spring MVC when CSRF integration with Spring Security
Is it possible to control which requests will reset a session's inactivity in Spring Boot?
BCrypt in my Spring Security project (Spring security)
NoClassDefFoundError : BearerTokenServerAuthenticationEntryPoint
io.jsonwebtoken.UnsupportedJwtException: Signed Claims JWSs are not supported
Spring Security version 6 issues with SecurityFilterChain
How to check signature of a token coming from Azure SSO
How to trigger custom AuthenticationProvider for Cookie based authentication in Spring Boot?
The use of Spring Security Meta Annotation
How to disable csrf in Spring using application.properties?
Why in Spring application I get null as user when using @AuthenticationPrincipal?
What is the reason to disable csrf in spring boot web application?
Reason to disable CSRF in spring boot
Multiple Entry point configuration is giving me 403 error for spring security 6
How to enter username and password in Postman for spring security login page from Postman?
ApplicationListener<ContextRefreshedEvent> is not executed when the App is launched
Encrypting InMemoryAuthentication passwords with Bcrypt
What are Spring Security default credentials for Spring Boot?
How to install spring-boot-starter-security dependency
How to authenticate resource owner with JWT when sending request to /oauth2/authorize?
How to add Header - Authorization for swagger 3, spring boot
How to manage exceptions thrown in filters in Spring?
why does spring security refuse to use my config file
An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching key(s) found
After Spring Boot 3 update: Manually authenticating user not working
Multiple user details services for different endpoints
Spring Security - Authrozation on rest apis
Exclude specific resource page(s) from Cross-Origin-Resource-Policy same-origin header in Spring WebSecurityConfigurerAdapter
my Spring CustomSecurityExpressionRoot not working
@EnableGlobalMethodSecurity is deprecated in the new spring boot 3.0