RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


Microsoft ASP.NET 2.0 Membership API Extended : Page 4

Working with big applications requires extending the Microsoft ASP.NET 2.0 Membership API to handle more detailed member records.

The ExtendedMembershipProvider
The Extended Membership API consists of the following:

  • The ExtendedMembershipUser class, which represents a single user record with the default and custom properties of a member.
  • The ExtendedMembership class containing the static methods accessible by the user interface layer.
  • All the files that constitute the Extended Provider, which is used to provide concrete implementation for the custom methods added in the ExtendedMembership class.
The ExtendedMembership class is similar to the Membership class in the ASP.NET 2.0 Membership API. The static methods contained in the ExtendedMembership class combine functionalities from both the default Membership class and added implemented methods in the ExtendedMembershipProvider used to handle the custom data. I'll go through each implemented method and explain how it works.

  • CreateUser: Used to add a new member to the database.
  • DeleteUser: Used to delete a member stored in the database.
  • Update: Used to update a member's record in the database.
  • GetUser: Used to retrieve a single user stored in the database
  • GetAllUsers: Used to retrieve a list of users stored in the database.
You will use the above methods to manage both the default and custom properties of a member's record. This idea will be clear once I discuss the above methods in detail.

The CreateUser method has two overloaded methods: the first uses a CreateUserWizard ASP.NET control to create the user and the second creates a user programmatically using the ExtendedMembership API. In the code below, you can see an example of the method version that you can use inside the CreateUser event that ASP.NET fires after it creates the user through the implicit call to the Membership API inside the CreateUserWizard:

   public static bool CreateUser(string UserName, 
      string FirstName, string LastName, DateTime DateOfBirth)
      // Get the UserId
      object UserId = Membership.GetUser(
      // Call the custom provider
      return MemberShip.Provider.CreateUser(
         new UserInfo(UserId, FirstName, LastName, 
This method takes as input the UserName, FirstName, LastName, and DateOfBirth. It is useful when working with the CreateUserWizard. Later in the section I will present some examples on how to use the Extended Membership Provider where you will see that I add the custom fields in the CreateUserWizard; however, to add the user data into the default tables used by Membership API, I have to let the CreateUserWizard call the CreateUser method in the default Membership provider. Then I have to manually add the details of that user to the custom table using the above method.

The method starts by using the Membership.GetUser method to insert the UserId. Then you'll call the method from the provider that you will build soon. ASP.NET calls the method CreateUser, which takes as input a parameter of type UserInfo class. This method is an internal object that the Extended Membership Provider uses to facilitate passing data and ASP.NET adds the custom properties to it as details for the default member.

The other version of this method takes as input all the properties of a MembershipUser, in addition to the custom properties you added. Use this method when you are creating the user programmatically and not through the CreateUserWizard as shown below:

   public static ExtendedMembershipUser CreateUser(
      string UserName, string Password, 
      string Email, string PasswordQuestion,
      string PasswordAnswer, bool IsApproved, 
      object ProviderUserKey, string FirstName, string LastName, 
      DateTime DateOfBirth, out MembershipCreateStatus status)
      // Call the default Membership CreateUser method
      MembershipUser _mu =   Membership.CreateUser(
         UserName, Password, Email, PasswordQuestion, 
         PasswordAnswer, IsApproved, out status);
      if (status != MembershipCreateStatus.Success)
         return null;
      // Now since the CreateUser was successful, add
      // the additional data to your custom table
      UserInfo _ui = new UserInfo(
         _mu.ProviderUserKey, FirstName, LastName, DateOfBirth);
      if (ExtendedMembership.Provider.CreateUser(_ui) == true)
         return new ExtendedMembershipUser(_mu, FirstName, 
         LastName, DateOfBirth);
      // Since the record was not created in the custom table
      // you also need to remove it from the default
      // membership database
      return null;
The method creates the member's record with the default properties using the Membership.CreateUser method. If the creation was successful, it calls the method inside the ExtendedMembershipProvider that adds the custom properties to the UserInfo table. If that method inserts the record successfully, it returns a new instance of the ExtendedMembershipUser object; otherwise, it deletes the record and returns a value of null.

You can see the DeleteUser method in the following code snippet:

   public static bool DeleteUser(string UserName)
      // A simple call to the default 
      // DeleteUser method specifying that
      // all related data are to be deleted
      // Get the UserId to delete
      object UserId = Membership.GetUser(
      if (UserId != null)
         if (Membership.DeleteUser(UserName, true) == true)
            // You can delete from your 
            // custom table
            // Execute your custom method
            // to delete from your custom
            // table
            return MemberShip.Provider.Delete(UserId);
      return false;
The above method accepts as input the UserName. DeleteUser first tries to delete the member's record from the Membership API default database; if it deletes the record successfully, it deletes the details of that record from the UserInfo table.

The Update method (see Listing 1) assumes that ASP.NET only allows you to update the Comment, Email, IsApproved, and DateOfBirth properties for a member's record, which is exactly what happens in the Membership API.

Instead of directly updating the record, it checks if the above listed properties of the input ExtendedMembershipUser parameter are different from those stored for that member in the database. ASP.NET uses a flag for that process-if the flag is changed, at least one of the fields of the member's record stored in the database has changed and needs to be updated. Based on that flag, the Update method would update the member's record in both the default database and the UserInfo table.

The GetUser method has several overloads—the main overload is shown below:

   public static ExtendedMembershipUser 
      GetUser(string UserName, bool UserIsOnline)
      // Get the user from the default membership
      MembershipUser _mu = Membership.GetUser(UserName,UserIsOnline);
      // Check that the returned user is not null
      if (_mu != null)
         // Get the UserId 
         object UserId = _mu.ProviderUserKey;
         // Get the additional related data from the
         // custom database
         UserInfo _ui = ExtendedMembership.Provider.GetUser(UserId);
         if (_ui != null)
            // Combine both objects to get a full one
            return new ExtendedMembershipUser(_mu, _ui.FirstName,
               _ui.LastName, _ui.DateOfBirth);
         // The returned user object from the custom
         // database is null
         return null;
      // The returned user object from the membership
      // database is null
      return null;
The preceding method first tries to retrieve the member's record from the Membership API database. If it finds the record, it uses the ProviderUserKey value, which is the primary key in the UserInfo table, to retrieve the detail record from that table.

The GetAllUsers method has two overloads; Listing 2 shows the main one.

GetAllUsers gets a list of all member records from the default Membership database. It then creates a comma-delimited list of all member IDs and passes the list to the ExtendedMembershipProvider method to get all records whose IDs are present in the list. After that, GetAllUsers joins the data for each record from both data sources and returns a collection of ExtendedMembershipUser object.

The above explanation dealt with the ExtendedMembership class, which contains all the static methods available for the new extended Membership API. In provider model terms, the ExtendedMembership class is the Manager class. The Manager class and the following classes together form the complete ExtendedMembershipProvider:

  • ExtendedMembershipProvider
  • ExtendedMembershipProviderCollection
  • ExtendedMembershipConfiguration
  • ExtendedSqlMembershipProvider
  • ExtendedMembership
The above five classes constitute the major elements of a provider model in ASP.NET 2.0. Since I am discussing the extended membership provider, there is a very good link for a set of articles on the different providers available in ASP.NET 2.0, and a Provider Toolkit that creates for you the above five classes. It mainly creates the needed skeleton for a provider and you just add your functionality to those classes using your own methods. One note about the Provider Toolkit is that you need to configure the classes included with the provider name, namespace, and the type of the provider you want Oracle, Microsoft Access, MySQL, or Microsoft SQL Server to use. This configuration should take you approximately 30-60 minutes to do.

To save you time, I created a small Windows application utility (Provider Toolkit), which you can download here. I've explained the utility on that site. The Provider Toolkit can really make your life easy in developing providers for your own features in ASP.NET 2.0. Moreover, I used the toolkit to create the above classes of the ExtendedMembershipProvider.

MembershipProvider Methods
The MembershipProvider inherits from the ProviderBase, which is the base class for all providers in ASP.NET 2.0, and contains the abstract methods listed in Table 1.

Table 1: Abstract methods of the ProviderBase
Method Return Type Syntax
CreateUser bool CreateUser(UserInfo userInfo);
Delete bool Delete(object UserId);
UpdateUser void UpdateUser(object UserId, DateTime DateOfBith);
GetUser UserInfo GetUser(object UserId);
GetAllUsers List GetAllUsers();
GetUsersByUserIds List GetUsersByUserIds(string UserIds);

The ExtendedSqlMembershipProvider inherits from the ExtendedMembershipProvider and implements the above methods, which the ExtendedMembership class accesses, as shown in the code snippet below:

   public class ExtendedSqlMembershipProvider : 
The implementation follows the same technique used by the default Membership Provider API. I will just show one sample of those methods; Listing 3 shows the complete SqlMemberShipProvider, but I will discuss its CreateUser method.

The CreateUser method takes as input a UserInfo instance, does some checking on the validity of the input parameter, and then uses the normal ADO.NET code to add the new member record to the UserInfo table. The other methods in the class follow the same steps in their implementation.

You will not have to touch the other classes that are part of the ExtendedMembershipProvider and that the utility above created. ASP.NET uses them to manage the configuration section of the new provider in the web.config file.

Close Icon
Thanks for your registration, follow us on our social networks to keep up-to-date