Many Web applications must be customized with information that is specific to the end user who is presently viewing the page. In the past, the developer usually provided storage of personalization properties for end users viewing the page by means of cookies, the Session object, or the Application object. Cookies enabled storage of persistent items so that when the end user returned to a Web page, any settings related to him were retrieved in order to be utilized. Cookies aren't the best way to approach persistent user data storage, however, mainly because they are not accepted by all computers and also because a crafty end user can easily alter them.

As you will see in Chapter 18, ASP.NET 2.0's membership and role management capabilities are ways that ASP.NET can conveniently store information about the user. How can you, as the developer, use the same mechanics to store custom information?

ASP.NET 2.0 provides you with an outstanding new feature—personalization. The ASP.NET personalization engine provided with this latest release can make an automatic association between the end user viewing the page and any data points stored for that user. The personalization properties that are maintained on a per-user basis are stored on the server and not on the client. These items are conveniently placed in a data store of your choice (such as Microsoft's SQL Server) and, therefore, the end user can then access these personalization properties on later site visits. ...