I am only going to show the different ways we can use code to take the value from Grid View.
Since possession of the role cache cookie is sufficient to prove role membership, if a hacker can somehow gain access to a valid user's cookie he can impersonate that user.
URL authorization rules can specify roles instead of users.
The Login View control, which renders different output for authenticated and anonymous users, can be configured to display different content based on the logged in user's roles.
It can be enabled through the Note The configuration settings listed in Table 1 specify the properties of the resulting role cache cookie.
For more information on cookies, how they work, and their various properties, read this Cookies tutorial. The path attribute enables a developer to limit the scope of a cookie to a particular directory hierarchy.And the Roles API includes methods for determining the logged in user's roles.