If you go with Martin's suggestion (removing WicketFiter), then you'll actually also need to add in some config:
https://github.com/apache/isis/blob/5fca1812c024e550413df3764cfb4bfdb101a1f0/example/application/simpleapp/webapp/src/main/webapp/WEB-INF/web.xml#L249 That's because the WicketApplication if present actually also does the bootstrapping of Apache Isis itself. If it isn't present, then we use the IsisWebAppBootstrapper (a servlet context listener) instead. HTH Dan PS: if you do go this way, then let us know if it doesn't work... haven't tried it out for a while. On Tue, 31 Jan 2017 at 20:21 Ahmed Ragab <[email protected]> wrote: > You would also need to remove the wicket viewer from the isis.viewers > context param: > <context-param> > <param-name>isis.viewers</param-name> > <param-value>wicket,restfulobjects</param-value> > </context-param> > > Best Regards, > Ahmed Ragab, M.Sc. > > On 31 Jan 2017, 20:49 +0100, JL Marizan <[email protected]>, wrote: > > You could put a reverse proxy on front of Isis like nginx and restrict > the > > access per URL: > > adding a rule to nginx is easy: > > location ~ ^/wicket-viewer/* { > > deny all; > > } > > > > El mar., 31 de ene. de 2017 a la(s) 15:44, Aída Betzabeth Dávila Sotelo < > > [email protected]> escribió: > > > > > Hi! > > > I need to cancel the access using wicket viewer, how can I restrict it? > > > My application works with swagger services and I want the users only > have > > > this access through the services. > > > > > > I have tried creating a role and giving permissions, but when giving > > > permissions to my dom, after that you can see in the application using > the > > > wicket. > > > > > > What do you suggest to not allow access to the wicket viewer? > > > What could I do? > > > > > > Thanks > > > Aída > > > >
