Create and Manage SharePoint / MOSS

2007 profile using FBA (Form Based

Authentication)
I Assume you use the “SPVisualDev for Visual Studio 2008” available free for download
at codeplex.com

I assume your web application is created and configured correctly and the SSP admin
application also. At first we need to enable Asp.net form authentication (FBA) at your
web application.

1. Open your web application directory and find the web.config file and replace the
LocalSqlServer connection string as the following: “<add name="LocalSqlServer"
connectionString="Server=.;Database=aspnetdb;uid=<you user id>;pwd=<your password>;"
providerName="System.Data.SqlClient" />”
2. Create user for admin and roles for registered users by using the tool provided in
visual studio 2008 “ASP.NET Configuration”
3. To enable Roles in web.config you can use the previous tool or add the
following line in web.config right after “<system.web>” tag “<roleManager
enabled="true" cacheRolesInCookie="false" />”.
4. Go to Central Administration > Application Management > Application
Security > Authentication Providers.
5. Choose your web application from the dropdown list then click on the zone. Set
authentication type to “Forms” and set membership provider name to
“AspNetSqlMemebershipProvider” and role manager name to “AspNetS
qlRoleProvider” and ensure that the enable client is set to “NO” then click save.

Before trying the code of editing profile we have to set permission for users to
edit their profile. We must let the SSP Admin application to be aware of the users
and roles in aspnetdb (which is our custom provider). This can be achieved by
extending the web application which has the SSP Admin application by the
following steps:

1. To ensure this we have to extend the web application of SSP

administration application site on port 80 on the same zone of your web
application.
2. Go to Central Administration > Application Management >
Authentication Providers .Then choose your SSP Admin web
application. Click on the new extended zone and set it to Forms
authentication as described in the previous steps.
3. Click on SSP Admin link from the left navigation bar. Go to User Profiles
and My Sites > Personalization of services permissions > add
users/group.
 4. Add the group or (Role) of the users you want them to have the ability of
editing their profile then set the security or permission to “use personal
features, Manage user profile” then save.

The code below for sample page with sample fields (properties). Notice that the
previous steps are made to enable security for “CreateUserProfile()” function.

using System;

using System.Data;

using System.Configuration;

using System.Collections;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Web.UI.HtmlControls;

using Microsoft.SharePoint;

using Microsoft.SharePoint.Utilities;

using Microsoft.SharePoint.WebControls;

using Microsoft.Office.Server.UserProfiles;

using Microsoft.Office.Server;

namespace Registration.ApplicationPages

public partial class EditProfile : System.Web.UI.Page

protected override void OnInit(EventArgs e)

this.btnSave.Click += new EventHandler(btnSave_Click);

 base.OnInit(e);

protected void Page_Load(object sender, EventArgs e)

try

if(!this.Page.IsPostBack){

using (SPSite site = SPContext.Current.Site)

ServerContext context =
ServerContext.GetContext(site);

SPWeb web = site.RootWeb;

web.AllowUnsafeUpdates = true;

String accountName = web.CurrentUser.LoginName;

UserProfileManager profileManager = new

UserProfileManager(context);

UserProfile up;

if (!profileManager.UserExists(accountName))

up =
profileManager.CreateUserProfile(accountName);

else

up = profileManager.GetUserProfile(accountName);

LoadProperties(up);
 //foreach( Property p in profileManager.Properties){

// Response.Write(p.Name+"<br>");

//}

catch (Exception d)

Response.Write(d.Message + "<br>" + d.StackTrace);

private void LoadProperties(UserProfile up)

txtFirstName.Text = (string)up["FirstName"].Value;

txtFirstNameAr.Text = (string)up["FirstNameAr"].Value;

txtMiddleName.Text = (string)up["MiddleName"].Value;

txtMiddleNameAr.Text = (string)up["MiddleNameAr"].Value;

txtLastName.Text = (string)up["LastName"].Value;

txtLastNameAr.Text = (string)up["LastNameAr"].Value;

protected void btnSave_Click(object sender, EventArgs e)

try

{
 using (SPSite site = SPContext.Current.Site)

ServerContext context = ServerContext.GetContext(site);

SPWeb web = site.RootWeb;

web.AllowUnsafeUpdates = true;

String accountName = web.CurrentUser.LoginName;

UserProfileManager profileManager = new

UserProfileManager(context);

UserProfile up;

if (profileManager.UserExists(accountName))

up = profileManager.GetUserProfile(accountName);

up["FirstName"].Value = txtFirstName.Text;

up["FirstNameAr"].Value = txtFirstNameAr.Text;

up["MiddleName"].Value = txtMiddleName.Text;

up["MiddleNameAr"].Value = txtMiddleNameAr.Text;

up["LastName"].Value = txtLastName.Text;

up["LastNameAr"].Value = txtLastNameAr.Text;

up.Commit();

lblAlert.Text = "Profile Saved";

LoadProperties(up);

else

lblAlert.Text = "Profile Not Exist";

 }

catch (Exception d)

Response.Write(d.Message + "<br>" + d.StackTrace);

Best regards,

Abdulhamid