使用Global

 protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        if (HttpContext.Current.Request.IsAuthenticated)//判断用户是否登陆
        {
            if (Context.User.Identity.AuthenticationType == "Forms")//判断是否是Forms验证
            {
                //对cookie解密
                FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value);
                string[] role = ticket.UserData.Split(',');
                Context.User = new System.Security.Principal.GenericPrincipal(HttpContext.Current.User.Identity, role);
            }
        }

    }