I had an interesting discussion about this with someone today, and I thought I'd share it with you all.

This person had a relatively small site based on TheBeerHouse. His problem was that his database seemed to be growing out of control. He had only about 100 registered users. Yet, his users table contained over 80,000 rows, and his DB had bloated to over 250 MB!

If you have a BeerHouse-based site, take a look at your users table, and you may see what I'm talking about here.

The reason this happens is that the app uses anonymous identification. You'll notice this in the web.config:

<anonymousIdentification cookieless="AutoDetect" enabled="true"/>

This is required to support the anonymous profiling features which are used in the Theme selector and the ShoppingCart. Of course, this means the app has to create a "user" for everyone who comes to your site. What happens is that, after a while, your DB contains thousands and thousands of junk records. Ouch.

Briefly, this is how it works: whenever someone comes to the site, the system creates an anonymous user and sets a cookie on that user's computer. Whenever the user returns to your site, it gets the cookie and uses it to "hook up" that anonymous user record to that user.

If the user actually registers on the site, the Profile_MigrateAnonymous method in Global.asax will take whatever info is stored in the anonymous profile and switch it to their authenticated profile. It will then delete that anonymous profile. All is good.

But, what happens when a casual user stops by, but never comes back? Or, if they come back, but only after that cookie on their computer has expired? You've now got a permanent junk record clogging up your DB. You can see how this could really add up after a while.

If you look into the actual user table data, you will see a column called IsAnonymous. Notice that most of them are set to "true". Now, look at the column marked "LastActivityDate". For any records with LastActivityDate older than 30 days, that means that the visitor never registered on your site, AND their cookie has already expired. That's an orphan record that you don't need or want hanging around.

If you use anonymous identification, you MUST have a way for finding and deleting all of these junk user records, along with any associated role, personalization, and/or profile data. Otherwise, your DB will just keep inflating indefinitely. Of course, they unfortunately don't mention this in the book, nor does ASP.NET system have a convenient way of doing this. In my opinion, this should have been built into the framework from the get-go. Sadly, it was not.

You need a procedure to find all Anonymous users older than 30 days and delete them, along with their anonymous Profile, Personalization, and Roles information. After some Googling around, I found a good article that contains a DB script that takes care of this:

http://msmvps.com/blogs/omar/archive...ip-tables.aspx

I hope this helps some folks out.

__________________
Visit my blog at http://leedumond.com
Follow me on Twitter: http://twitter.com/LeeDumond

don't you think that anyone who relies upon the m$ user/profile/wizard approach is doing themselves a disfavour? very inefficient and very un-scaleable imho.

I don't agree. The Membership, Profile, and Roles systems work together pretty seamlessly, and save you a tremendous amount of work. I think they are fine, as long as you are aware of what's happening behind the scenes when using anonymous identification and act accordingly.

FWIW, this person wasn't even using the Theme Selector or eCommerce modules at all, and thus could have turned off anonymous identification altogether, but didn't. Unfortunately far too many folks, instead of using TheBeerHouse as an architecture guide, blindly copy the whole application without thinking, then merely twiddle with the UI to meet their needs. Not a very smart approach.

I liked your comment better when it read "criminally insane" forumuser! ;] Anyway. I agree with both of you really.

On Lee's side, these controls are extremely powerful and work well in a r.a.d. secnario and yes if you know whats going on behind the scenes and can anticipate any issues there you are fine.

On forumusers side, you need to weigh the amount of tweaking you are ultimately going to be doing to make these controls scaleable so you don't wind up with a "Gotcha" much like was outlined in the O/P.

You can look at this with the "Buy vs Build" ideology: are you going to spend more time tweaking the provided controls so that they meet your functional needs then it would ultimately take you to create a similar control.

I don't want to sound like an elitest here but sometimes it seems that Microsoft is developing products for the lowest common denominator of programmers, the one's who want to drag and drop some controls, work through some wizards, and be done. Please don't misunderstand me, anytime Microsoft can save me time during my day I am completely on board with but alot of these controls, at times, add unnecssary bulk to the application. To this end I agree with Lee, alot of people take TBH and assume they have a stellar application where they need to pay no nevermind to the inner workings which is a sad misconception.

My two cents anyway.

/rant
-Doug

================================================== =========
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
================================================== =========
.: Wrox Technical Editor / Author :.
Wrox Books 24 x 7
================================================== =========

yes, i thought that in the interests of diplomacy it would be best to moderate my original post :)
anyway, the serialization involved in the ms profiles model rules it out as an option for me, esp when it is so easy to roll your own, more efficient and scaleable model. anyway, horses for courses....
and btw lee, many thanks for your generator which i have used extensively during recent overhauls of our architecture.

Me and my criminally insane brethren thank you.

Can't take credit for that one. I think jimibt is the dude who worked on that.

On the subject of the original post... this is something again I think really should have been addressed in the book. I'm willing to bet that there are dozens, maybe hundreds, of BeerHouse-based apps out there that have this issue.

Speaking of which... does anyone know if Wrox is planning a third edition? I don't even know if Marco is around. The DotNet2TheMax site doesn't look like it's seen any attention in a while.

Jim Minatel would be the guy to ask about whether or not a third edition is planned for publication or not. As this portion of the forum has shown: there is still a great deal of interest and development still going on as a result of this book so nothing is impossible.

I do know they are not standing still as far as TBH goes since the Blox article I authored centers around TBH and 3.5 although it has not been released yet.

================================================== =========
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
================================================== =========
.: Wrox Technical Editor / Author :.
Wrox Books 24 x 7
================================================== =========

Please let us all know when that comes out, would you?

Absolutely.

================================================== =========
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
================================================== =========
.: Wrox Technical Editor / Author :.
Wrox Books 24 x 7
================================================== =========

Yes, we definitely have a 3.5 edition planned. I wish I could tell you all more about it but any information now would be premature. Soon though, soon I hope to be able to start letting some details out.

Jim Minatel
Acquisitions Director
Wiley Technology Publishing
WROX Press
Blog: http://wroxblog.typepad.com/
Wrox online library: http://wrox.books24x7.com