To get started, you'll want a new web site that duplicates the work you accomplished in the security chapter. Create a new web site called SitePersonalization and copy the ASPSecurityRoles web site from Chapter 11 (Website → Copy Web Site). Copy over all the files, including the data files. Set Welcome.aspx as the start page and run the program to make sure you have a working duplicate.
The simplest form of personalization is to record information about the user and then to make that information available whenever the user logs on. This requires a kind of persistence that goes beyond session state. To create true personalization, you'll want to store the user's choices and information in a database that associates the saved information with a particular user and persists indefinitely. Fortunately, ASP.NET 2.0 provides all of the plumbing required. You do not have to design, edit, or manage the database tables; all of that is done for you.
To get started, you'll need to modify your project to handle user Profiles.
ASP.NET 2.0 has decoupled the Profile API (how you programmatically interact with profile data) from the underlying data provider (how you store the data). This allows you to use the default provider (SqlServerExpress), or one of the other providers supplied (SQL server) or even write your own provider (for example, if you have an existing customer relationship management system) ...