If your Rich UI application requires security, you have two options to give new users permission to access the secure areas: a system or security administrator can add a new user to the repository or the Rich UI application can contain code to add a new user to the repository. The method that you choose depends largely on the level of security that you need. For example, if the user must be a company employee or must possess a bank account to access a Web site, a system administrator likely wants to tightly control access to the repository. On the other hand, if the repository is mainly a way to keep a log of users and new users constantly request access, it might be inconvenient or impractical to go through a system administrator. In this case, an application might add new users to the repository.
Note that the tighter your user registry is controlled, the tighter the security will be of your Rich UI application and EGL Rich UI Proxy. Although securing your EGL Rich UI Proxy with JEE security prevents unauthenticated users from accessing the proxy, it does not prevent malicious authenticated users from using the proxy to inflict damage. Therefore, when you require new users to go through a system administrator, the EGL Rich UI Proxy will be more secure than if you allow the application to add new entries to the user registry.
If you must add new users to a repository with your Rich UI application, you can write EGL code to add the users. This code must run on an application server. You can write the code as either a Web service or a JSF application.
If you use a Web service to write the code to add a new user, the EGL Rich UI Proxy has to invoke the code. If the proxy is secure, a new user cannot access it. Therefore, you can use a Web service to add a new user only if the proxy is not protected by JEE security.
registerLink Hyperlink = new Hyperlink { target = "_blank", href = "http://localhost:9080/LDAPSample/ldapLogin.faces", text = "Click here to register" };
To close the window after authentication completes, the JSF page can invoke a JavaScript™ "window.close".