Non-amazing discovery about role management

I was reading a little more about the role management in ASP.NET v2.0 when I realized that, duh, the reason it's not on by default is that it checks the logged in user roles for you and adds them to the user's Principal object. I was so blinded by the idea that I had a fun little HttpModule that did this for you (back in the “dark ages” of .NET v1.1) that I overlooked that.

Now that the Microsoft documentation is, generally speaking, a lot better than it used to be, I should actually try reading it occasionally.