Is there a way to disable the authorization on the applicationRealm?

I tried removing the authorization xml tag. But it still needed a user.

<security-realm name="ApplicationRealm">

                <server-identities>

                    <ssl>

                        <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>

                    </ssl>

                </server-identities>

                <authentication>

                    <local default-user="$local" allowed-users="*" skip-group-loading="true"/>

                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>

                </authentication>

                <authorization map-groups-to-roles="false">

                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>

                </authorization>

</security-realm>