SharePoint 2007: Use SqlProfileProvider with Windows Integrated Authentication?

Question

I am trying to figure out if it's possible to use the SqlProfileProvider (aspnetdb) for storing certain profile information for users that are authenticated to a SharePoint 2007 site by Windows Integrated Authentication. The goal is be able to develop ASP.NET code that stores a few personalization strings for each user and will run in an ASP.NET or SharePoint site. I was hoping I could use the SqlProfileProvider and then it would be available in either ASP.NET or SharePoint provided I added the correct provider to web.config.

Here's what I have in web.config in the SharePoint web application, however inside my ASPX code-behind Context.Profile is always null:

<profile automaticSaveEnabled="true" defaultProvider="AspNetSqlProfileProvider">
<providers>
    <clear/>
    <add name="AspNetSqlProfileProvider" 
         connectionStringName="aspnetdb" 
         applicationName="simple_test" 
         type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
<properties>
    <add name="TestName" type="System.String" allowAnonymous="false"/>
</properties>

(Note that aspnetdb is a valid connection string elsewhere in the web.config).

Anyone have experience with hooking up the aspnetdb Profile provider in conjunction with Windows Authentication, or does that only work if Forms/membership authentication is in effect? Any other suggestions on how the user settings can be persisted in ASP.NET/SharePoint without having to use cookies or write a data model and access layer from scratch?

Answer 1

Well it should be possible, according to this article:

Because profiles are stored in a user-specific record, you need to authenticate the current user before you can read or write profile information. You can use any type of authentication system, including Windows-based authentication and forms-based authentication. The profile system doesn't care—it simply stores the user-specific information in a record that's identified based on the user ID. Seeing as every authentication system identifies users uniquely by user ID, any authentication system will work.

But I have never tried it before.

Also, i found this post here on SO, which goes more into detail:

SO Post

Answer 2

After a lot more searching and prototyping I managed to stumble across the solution for this thanks to this MSDN Forum post. SharePoint removes the ASP.NET Profile module, so you have to add it back in to the Web.config httpModules section:

<add name="Profile" type="System.Web.Profile.ProfileModule" />

There are also some workarounds required to access the Profile attributes defined in web.config so you don't get compile-time errors. You can either develop a custom Provider as described in Becky's post for forms-based authentication or make calls to Profile.GetPropertyValue and Profile.SetPropertyValue to get and set the profile values for the current user.

I've posted a blog entry with more details and prototype code if you are interested.