Recently had a situation in which we needed to access a specific field from the user profile object and render it in a web part. There are specific conditions that must be met in order to successfully access and leverage the user profile object. The first is that the calling code's security context must be such that it has the authority to make the call. Otherwise, a SOAP exception will be generated with the following message:
Attempted to Perform an Unauthorized Operation
Jingmei outlines the reasons why this happens here: http://blogs.msdn.com/jingmeili/archive/2007/05/31/how-to-display-current-user-s-full-name-email-and-other-info-in-infopath.aspx
Make sure to call into the portal URL instead of the IIS root _vti_bin.
The second concern was whether to have the web part pass the IIS Application Pool's identity to the UserProfileService, or to have the user's identity persisted or to have a specialized account set up for this purpose. The less of these three evils was to have the web part run as the application pool identity using the following code:
MOSSServices.UserProfileService profileService = new MOSSServices.UserProfileService();
profileService.Credentials = System.Net.CredentialCache.DefaultCredentials;
MOSSServices.PropertyData properties = profileService.GetUserProfileByName("VIRTUALMOSS\\Administrator");
This worked and allowed us access to populate the PropertyData object with User Profile properties.