Website Profile Object in Asp .net 2.0 by azamsharp


Most of the websites provide the functionality which uniquely identifies the users.
This identification can be done using many methods. ASP.NET 1.X introduced Session objects which were used to maintain states of different users. In ASP.NET 2.0 we will see a new Profile class that eases the task for maintaining user’s session.

Setting up the Website Profile Object:

The first thing you need to do is to set up the Profile object. You must remember that you simply cannot use the Profile Object like the code below:

Profile["UserName"] = "azamsharp";

By default, Asp .net Website Profile is saved in the SQL SERVER 2005 Database and hence it looks under App_Data to find the database. If however you would like to use the Profile object using SQL SERVER 2000 you can easily do so by running a very simple command line tool.

Simply go to your Visual Studio.NET 2005 command prompt and type aspnet_regsql.exe which will open a wizard. The simple wizard will guide you through various steps. The wizard will also ask you to select the database name on which you want to use the profile object. Many tables and stored procedures will be created in your selected database.

Take a look at the screen shot below which shows various new tables created:

Our table of interest is aspnet_Roles which will save the roles for the users.

Configuring Web.config for Profile Settings:

After installing the required databases you need to make some configuration settings in Web.config file. The first thing you need to do is to define the connection string for your database. Take a look at the code below which defines the connection string for the database.

<!-- CONNECTION STRING--><connectionStrings>

Now, comes the settings for the Profile Object. Take a look at the code below where I have defined the settings for the Profile object.

<addname="PicturePath"allowAnonymous ="true"defaultValue="??"/>

Also, set the authentication mode to forms instead of Windows. Please note that Profile Object work with both Windows authentication as well as Form authentication. In this article I will be using Forms authentication.

Explanation of the code:

The first tag that you see the <anonymousIdentification enabled = “true” /> this means that the Website Profile will be created for anonymous users. This is a very useful feature if you are working with shopping carts. You can let the user do all the shopping using the anonymous profile and once they are ready to check out you can tell them that need to sign up to get their real profile. The <profile> tag has an attribute defaultProvider which indicates the name of the default provider. In this case we are using System.Web.Profile.SqlProfileProvider as the default provider. The other important attribute is the connectionStringName which represents the name of the connection string which we have already defined above.

The properties tags define the data and type of the data which you want to store in the Profile object. In this case I am storing the name and the PicturePath of the user. AllowAnonymous is set to true which means that the these properties can be set for anonymous users.

Using the Profile object:

Okay, now you are all ready to use the Profile object.

I have implemented this code in the button click event.

Profile["Name"] = "Bill";Profile["PicturePath"] = @"C:Bill.jpg";

As, you can see that you can use the Profile object in a similar way that you used Session. The Profile properties must be the same as it is defined in Web.config file or else it will throw a runtime error. The above code will run fine but it’s not strongly typed which means that you need to remember that you use “Name” and not “FirstName” and also you don’t get intellisense support when you typing in Visual Studio.NET 2005.

You can easily write those lines like this:

Profile.Name = "Bill William";Profile.PicturePath = @"C:Bill.jpg";

This way now you have intellisense support and there is less chance of making mistakes.

Where is the Profile Information Saved?

The Profile information is saved in the database aspnet_Profile. Simply, go to the SQL SERVER Enterprise Manager and open the database in which you created the Profile tables and open the table aspnet_Profile.

As, you can see that the Profile is saved in the table aspnet_Profile. The PropertyValuesString field contains the information about the properties which you have assigned. The first column is a UserId column which is a GUID.

When is the data written back to the aspnet_Profile table?

This is a very important and a question. It’s very important to know that when is the trip to database will be made and how can I avoid it. When you are using simple properties which we are using right now then each time in a request you assign something to the property it goes back to the database and writes the new value for the property to the database.

I have made request word bold since its very important. This means that if we are assigning 10 values to the Profile object in one request then it will make one trip to the database and not ten.

Retrieving the Profile on the other page:

Retrieving the Profile on the other pages is also quite simply. Take a look at the code below which shows how you can retrieve the values from the Profile objects.

protected void Page_Load(object sender, EventArgs e){
string userName = Profile.UserName;
string name = Profile.Name;
string picPath = Profile.PicturePath;

Easy isn’t it. UserName is a predefined property that comes with the Profile object. If you look in the UserName you will see that its a 16 byte Hexadecimal number. This means that your user is currently not authenticated and GUID UserName represents its anonymous ID.

Authenticating a User:

Everyone is assigned an anonymous ID when they first come to the website. You can transfer the anonymous ID of the user to the new ID with simple settings in the Global.asax file.

It’s always a good idea to authenticate the user in Application_AuthenticateRequest method of the Global.asax file. Let’s see why we need to do it.

Let’s say you write some code like this:

protected void Button1_Click(object sender, EventArgs e){

// Here you have authenticated the user 
FormsAuthentication.SetAuthCookie("Bill", false);
string userName = Profile.UserName;
Profile.Name = "Bill William";
Profile.PicturePath = @"C:Bill.jpg";

The userName will still contain the anonymous GUID because you requested the webpage using anonymous ID. When you reach MyPage.aspx the user is authenticated and will contain “Bill” as the userName.

protected void Page_Load(object sender, EventArgs e){
// gets the userName 
string userName = Profile.UserName;
string name = Profile.Name;
string picPath = Profile.PicturePath;

So, you must be wondering that what’s wrong with that since I finally got the correct ID. But go to the database check out the entries in the aspnet_Profile table. It will have two entries one for the anonymous user and one authenticated user that’s pretty confusing right. Therefore whenever you want to authenticate a user do the authentication in the Application_BeginRequest method of the Global.asax.

In this article you saw the insights of the Profile object. In the next article we will see how you can use Groups and Complex types with the Profile object.

I hope you liked the article, happy programming!