FormsAuthentication with Role Information

Steps:

1. At login, create the FormsAuthenticationTicket manually, as follows:

    // Create the FormsAuthenticationTicket manually; the last argument (UserData) carries the role
    FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, "username", DateTime.Now, DateTime.Now.AddMinutes(20), false, "admin");
    // Encrypt the ticket
    string HashTicket = FormsAuthentication.Encrypt(Ticket);
    // Create the cookie
    HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket);
    // Send the authentication ticket cookie to the client
    Response.Cookies.Add(UserCookie);

2. Add the following code to Global:

    // Requires: using System.Security.Principal; using System.Web; using System.Web.Security;
    protected void Application_AuthenticateRequest(Object sender, EventArgs e)
    {
        // Construct the GenericPrincipal and FormsIdentity objects
        HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

        if (null == authCookie)
        {
            // No authentication cookie present
            return;
        }

        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        if (null == authTicket)
        {
            // Could not decrypt cookie
            return;
        }

        // Get the roles from the ticket's UserData (comma-separated)
        string[] role = authTicket.UserData.Split(new char[] { ',' });
        FormsIdentity id = new FormsIdentity(authTicket);

        // Attach the principal, with its roles, to the current request
        Context.User = new GenericPrincipal(id, role);
    }

With this in place, we can use [Authorize(Roles="admin")] in the application for authorization checks.
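
A hardened variant of the two steps above, as an added example that is not part of the original post: the cookie is marked HttpOnly and Secure, and a tampered, undecryptable or expired ticket is treated as unauthenticated instead of raising an error. The class and method names (`RoleTicket`, `IssueCookie`, `TryGetPrincipal`) are hypothetical, and role names are assumed not to contain commas.

```csharp
// Added example; helper names are hypothetical, not from the original post.
using System;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

public static class RoleTicket
{
    // Step 1: issue the ticket with the roles in UserData and a locked-down cookie.
    public static HttpCookie IssueCookie(string userName, string[] roles, TimeSpan lifetime)
    {
        DateTime now = DateTime.Now;
        var ticket = new FormsAuthenticationTicket(
            1, userName, now, now.Add(lifetime), false,
            string.Join(",", roles), FormsAuthentication.FormsCookiePath);

        return new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,                          // not readable from page script
            Secure = FormsAuthentication.RequireSSL,  // follows requireSSL in the <forms> element
            Path = FormsAuthentication.FormsCookiePath
        };
    }

    // Step 2: rebuild the principal; returns null for a missing, tampered or expired ticket.
    public static IPrincipal TryGetPrincipal(HttpCookie authCookie)
    {
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value)) return null;

        FormsAuthenticationTicket ticket;
        try
        {
            ticket = FormsAuthentication.Decrypt(authCookie.Value);
        }
        // Treat any decrypt or validation failure as "not authenticated".
        catch (ArgumentException) { return null; }
        catch (CryptographicException) { return null; }
        catch (HttpException) { return null; }

        if (ticket == null || ticket.Expired) return null;

        // Ignore empty entries so "admin," does not yield an empty role name.
        string[] roles = ticket.UserData.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
        return new GenericPrincipal(new FormsIdentity(ticket), roles);
    }
}
```

In Application_AuthenticateRequest, assign the result to Context.User only when it is not null. Because the roles travel inside the ticket, a role removed on the server stays in effect until the ticket expires, so keep the lifetime short.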
posted @ 2011-03-08 14:07  Wang Juqiang