1. Implement logging throughout, 3 levels, None, Minimal and Full. Might be easiest to implement most of this at the communication with UIS stage, Full should log full commands to UIS and results.
2. Fix issue when a user exists in AD but not UIS, currently gives full access to everything.
3. Close socket when we get a result from UIS to stop UIS logging this as an error.
4. Change authentication so that instead of authenticating via LDAP we use UIS to handle this, following order should be used :
a. USERVALID LoginName=???? Password=???? – If this returns a PersonalID we can assume user is valid and jump to d, otherwise try b.
b. LDAPAUTHENTICATE LoginName=???? Password=???? – If this returns ‘1’ we proceed to c, otherwise invalid login.
c. GETPERSONALIDFROMWINDOWSLOGIN WindowsLogin=???? – This will return the PersonalID we need to check groups etc, we currently do this I believe.
d. GETCUSTOMERGROUP PersonalID=???? – This will return all of the AD groups for the user so we can give access to menu items etc.
5. need to change the currency so that rather than getting it from the locale we get it from UIS using the following command :
GETSETTING ID=????
With the below parameters :
34 Currency symbol
35 Number of currency decimals
36 Currency decimal separator
6. We need to make the permissions more stable and make it so that access to a menu item can be assigned to ALL, A Group from D Above or Disabled.
7. We need an installer for the application or at a minimum a configuration application to configure the system and build the web.config. If only a configuration application this could be web based and we could build the installer separately.