Profile Providers and Windows Authentication

Question

All our inhouse projects use Active Directory authentication and impersonation as this is the accepted security policy for the company.

I currently have a scenario where I need to store user profile information, and I would like to use the built-in Profile Providers which is standard in ASP.Net. I've previously used this happily with Forms Authentication, however I can't find any helpful information on how to implement this when using Windows Authentication.

• Is there any way I can get just the Profile Provider working with Windows Authentication out of the box?
• Will I be forced to create a custom profile provider?

The data will be stored in the database, not in Active Directory. However if the latter is possible some guidance would be appreciated.

Notes

• I don't need to use the Role provider, this is handled by AD.
• I am not sure if I need to implemented the AD Membership provider to get the Profile Provider to work.

Answer 1

you can just use the standard SqlProfileProvider. As username, use the Context.User.Identity.Name property. ASP.NET will create a user entry in it's standard tables himself to keep track of it. The role provider also works in combination with windows authentication. See this link for more information: http://weblogs.asp.net/scottgu/pages/Recipe_3A00_-Implementing-Role_2D00_Based-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server.aspx

if you enable and configure the profile provider in the web.config, you can use it like this:

ProfileBase profile = ProfileBase.Create(Context.User.Identity.Name, true);
profile.SetPropertyValue("MyProfileProperty", propertyValue);
profile.Save();

Good luck!