i log users into .net using straightforward .net authentication:

if ( Membership.ValidateUser( user, passwd ) )

works fine. hot on the heels of that, i try to get the user name:

Membership.GetUser().UserName

sometimes this will return an invalid object. sometimes not.
i cannot seem to detect a pattern as to which is which.

for example, a user logs in with a valid role in the system as ‘root’/’password’.
the ValidateUser() call succeeds, but Membership.GetUser().UserName returns an invalid object.
2 seconds later, do the same exact thing again, and both the validate and the GetUser() succeed.

any ideas?

.. edit 1 ..
here’s how i use the username:

Roles.GetRolesForUser( Membership.GetUser().UserName ); 

when i swap in System.Environment.UserName, the roles list comes back empty.

if i leave it as is and i set the auth cookie using ‘true’ as my second argument, it works fine.

FormsAuthentication.SetAuthCookie( user, true );

if i use HttpContext.Current.User.Identity.Name, the roles list is fine with the auth cookie set to true or false.

now, i understand the issue about performance. this is important to me. but i also need to ensure the application functions correctly.