' from login page Public Sub OnSubmit(ByVal sender As System.Object, ByVal e As System.EventArgs) If (CustomAuthenticate(UserName.Text, Password.Text)) Then Dim url As String = FormsAuthentication.GetRedirectUrl(UserName.Text, RememberMe.Checked) FormsAuthentication.SetAuthCookie(UserName.Text, RememberMe.Checked) If (RememberMe.Checked) Then Dim cookie As HttpCookie = Response.Cookies(FormsAuthentication.FormsCookieName) cookie.Expires = DateTime.Now.Add(New TimeSpan(7, 0, 0, 0)) End If Response.Redirect(url) Else Output.Text = "Invalid login" End If End Sub ' from global.asax Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) ' Fires upon attempting to authenticate the use If Request.IsAuthenticated() Then 'Dim ws As New TMSServices.InternalService 'ws.Url = ConfigurationSettings.AppSettings("ws" & Server.MachineName) & "InternalService.asmx" 'ws.Credentials = System.Net.CredentialCache.DefaultCredentials 'Dim Roles() As String 'Roles = ws.GetRolesArray(Context.User.Identity.Name) Dim Roles() As String = {"SuperAdmin"} ' Add our Principal to the current context Thread.CurrentPrincipal = New GenericPrincipal(Context.User.Identity, Roles) End If End Sub ' the target aspx page Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load 'Put user code to initialize the page here Label1.Text = Context.User.Identity.Name Label2.Text = "User is a SuperAdmin: " & User.IsInRole("SuperAdmin").ToString End SubThe final execution of Application_AuthenticateRequest before the target page is displayed shows that Request.IsAuthenticated is True and Thread.CurrentPrincipal.IsInRole("SuperAdmin") is True, but User.IsInRole("SuperAdmin") evaluates to False. In the Page_Load of the target web page, User.Identity.Name evaluates to the user name I entered in the login page, but both CurrentPrincipal.IsInRole("SuperAdmin") and User.IsInRole("SuperAdmin") evaluate to False.