A User Profile is the collection of properties that define the information you want to store for users of your web application. A Profile object allows you to automatically save and retrieve user information across multiple visits to a web application. An application's profile object is defined using a simple XML elements in the application's configuration file (web.config). The ASP.NET 2.0 runtime groups these defined properties into a dynamically generated class. When the ASP.NET HTTP lifecycle starts, it dynamically creates a Profile object that contains the properties you have defined in the Profile section of the configuration file, properly typed. The object is then added to the current HttpContext object and is available to pages through the Profile property. Similarly, at the end of the ASP.NET HTTP lifecycle, ASP.NET automatically saves the Profile to the underlying data store. Any type of data can be stored within a user’s profile object, including simple types such as integers and strings, and complex types such as custom business objects.
Despite the fact that the Profile object is most commonly used to store data for authenticated users, the Profile object also supports storing information for anonymous users. This process depends on the Anonymous Identification feature than can be enabled in either the machine.config or web.config file. The Profile object and Anonymous Identification feature work together to enable the use of the Profile property for anonymous users.
How the Profile Object Differs from the Session Object
When developing web applications, we presently use a Session object to store information about the currently logged-in user. For instance, we might store his or her username so that later we can display the user's information in a profile page.
However, there are some limitations with the use of Session objects. Data stored in the session is available only during the current session. After the current session has expired, the next time the user visits the web application, the application must identify the user, load his or her personal information, and again store this information in a new Session object. On the other hand, a Profile object is persistent in the sense that once we store data in a Profile object, it will be automatically persisted to a storage medium, usually a Microsoft SQL Server database, at the end of each page request. The next time the user visits the application, the profile information created or modified during the previous visit will be automatically retrieved. This limitation in the Session object can be eliminated manually by configuring the session state section in the web.config file to store session data in a Microsoft SQL Server database or another data store. With the Profile object, this persistence is automatic.
A Session object is not strongly typed, as it provides only a collection of items. If you want to access an item stored in the session object, you can do the following:
string item1 = Session["Item1"].ToString();
A profile object has strongly-typed properties. That is, you access its properties in the same way you access properties of any other class. For instance:
string item1 = Profile.Item1;
This way you retrieved the value of Item1 which is a property of the current profile. We can even group properties into logical groups. For instance, a user's profile could contain Street, City, and Country properties. To logically organize your profile object, you would group those three properties into a new profile group named Address. Now, to access each of the properties you can do the following:
string street = Profile.Address.Street;
string city = Profile.Address.City;
string country = Profile.Address.Country;
Another important advantage of the Profile object over the Session object is that each property in the Profile object preserves its own data type, so when using a profile property there is no need to convert it from one data type to another. If we are storing the user’s ID value in a Profile object, so we can directly access its value as an integer without the need to do any conversion. However, in a Session object all items are stored as objects. If we are storing a user’s ID in a Session object, we must convert that session item into integer data type before being able to use it.
When to use a Profile object?
Having said that a Profile object is used to store visitor’s specific information across multiple visits, the question arises, what kind of information can be stored inside a Profile object?
The answer is that any kind of data can be stored, including simple data types like strings and integers, to more complex data types like ArrayLists and custom business objects.
In its simplest form, a website may need to store the username, first name, and last name of the logged in user, and use that information to identify the pages that are accessed by the user. For example, the website might present the user's first and last names at the top of each page.
How to do so with Profile object?
When the user is authenticated by logging in, the application might retrieve from the database the user's first and last names, based on the supplied username and password, and then store the username, first name, and last name in three separate profile properties.
The next time the user visits the web application, there is no need to again retrieve the information from the database and again store it in the Profile object. The ASP.NET 2.0 framework will automatically check the database where the profile data is persisted. If data is found for the identified user, ASP.NET will load the stored data into the current context's Profile object. Now you can use the profile object in the same way you used the first time, without the need to manually repopulate that Profile object. This shows that the data is persisted both within the same session and across many separate sessions.
That was a simple example of the usage of the Profile object. A Profile object can be used in any other scenario where there is a need to persist user-specific information across separate visits to a web application.