When creating a Forms Authentication ticket on your own you would generally use the UserData portion of your ticket to store information related to your user. This could be the roles.

Then in the Global.asax on the Application_AuthenticateRequest event you would parse your Forms Ticket and assign the roles to the current security principal.

Here are some guides on Forms Auth with different providers:

http://weblogs.asp.net/scottgu/archive/2006/02/24/ASP.NET-2.0-Membership_2C00_-Roles_2C00_-Forms-Authentication_2C00_-and-Security-Resources-.aspx

In general I usualy write my own System.Security.Principal.GenericPrincipal and System.Web.Security.FormsIdentity to do all the work for me.

public class UserIdentity: System.Web.Security.FormsIdentity 
{
    public string[] Roles { get; private set; }
    public string FirstName { get; private set; }
    public string UserName { get; private set; }
    public int UserID { get; private set; }

    public UserIdentity(System.Web.Security.FormsAuthenticationTicket ticket) : base(ticket)
    {
        if (ticket.UserData != null && ticket.UserData.IndexOf("|") != -1)
        {
            string[] dataSections = ticket.UserData.Split('|');

            //Get the first name
            FirstName = dataSections.Length >= 3 ? dataSections[2] : "";

            //Get the username
            UserName = ticket.Name;

            #region Parse the UserID
            int userID = 0;
            int.TryParse(dataSections[0], out userID);
            this.UserID = userID;
            #endregion

            this.Roles = System.Text.RegularExpressions.Regex.Split(dataSections[1], ",");

        }
    }
}

public class UserPrincipal : System.Security.Principal.GenericPrincipal
{
    public UserPrincipal(UserIdentity identity) : base(identity, identity.Roles )
    {
    }
}

And in your Global.asax:

    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated && HttpContext.Current.User.Identity is System.Web.Security.FormsIdentity)
        {

            HttpContext.Current.User = new CAA.Utility.Security.UserPrincipal(HttpContext.Current.User.Identity is CAA.Utility.Security.UserIdentity?  HttpContext.Current.User.Identity as CAA.Utility.Security.UserIdentity : new Utility.Security.UserIdentity(((System.Web.Security.FormsIdentity)HttpContext.Current.User.Identity).Ticket));                


        }
    }

And to write the ticket:

                System.Web.Security.FormsAuthenticationTicket ticket = new System.Web.Security.FormsAuthenticationTicket(1, user.Username, DateTime.Now, DateTime.Now.AddDays(1), false, String.Format("{0}|{1}|{2}", user.UserID ,user.Roles.ToString(), user.FirstName ), System.Web.Security.FormsAuthentication.FormsCookiePath);
                HttpCookie cookie = new HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName, System.Web.Security.FormsAuthentication.Encrypt(ticket));

                if (model.RememberMe)
                     cookie.Expires = ticket.Expiration;


                Response.Cookies.Add(cookie);

The code might be hard to follow but the logic is that the custom “UserPrincipal” will auto-parse the UserData section of the Forms Auth ticket for what ever information you want to store there. In my case I’m storing name, roles, id, etc. In my code the namespace “CAA.Utility.Security” is where my custom Identity and Principal are stored.