Why does HttpContext.Current.User.IsInRole("Customer") return false if the user is not logged in? I think it is because the user is considered anonymous in this case, correct?
Thanks
Yes, you are correct. Anonymous users cannot belong to a role.
Notice that the User object for an anonymous user is a GenericPrincipal and while it implements IPrincipal, the IsUserInRole method always returns false because there are no roles supplied when it is created by FormsAuthenticationModule.
Also notice that the User object for an authenticated user is a RolePrincipal, which queries RoleManager in IsUserInRole.
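An added example, not part of the original answer: because a false result from IsInRole covers both the anonymous user and a logged-in user without the role, an authorization check usually tests Identity.IsAuthenticated first so the two cases can be handled differently. RoleGate, AccessDecision and the sample principals are hypothetical; the anonymous principal is constructed by hand here (empty name, no roles) to stand in for the one the answer describes.

```csharp
using System;
using System.Security.Principal;

// Hypothetical outcome type: Challenge = send to login, Forbid = deny, Allow = proceed.
enum AccessDecision { Challenge, Forbid, Allow }

static class RoleGate
{
    // Hypothetical helper: separates "not logged in" from "logged in without the role".
    public static AccessDecision Check(IPrincipal user, string role)
    {
        // A missing or unauthenticated identity is an authentication problem,
        // so the role is never consulted for it.
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            return AccessDecision.Challenge;

        // Only an authenticated principal gets a meaningful role answer.
        return user.IsInRole(role) ? AccessDecision.Allow : AccessDecision.Forbid;
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample principals (assumptions, not taken from the page).
        // An empty identity name makes GenericIdentity.IsAuthenticated false.
        IPrincipal anonymous = new GenericPrincipal(new GenericIdentity(""), new string[0]);
        IPrincipal customer  = new GenericPrincipal(new GenericIdentity("alice"), new[] { "Customer" });
        IPrincipal noRole    = new GenericPrincipal(new GenericIdentity("bob"), new string[0]);

        // IsInRole alone cannot tell the anonymous user from the user without the role.
        Console.WriteLine("anonymous IsInRole: " + anonymous.IsInRole("Customer"));
        Console.WriteLine("noRole    IsInRole: " + noRole.IsInRole("Customer"));

        // The gate reports a distinct decision for each case.
        Console.WriteLine("anonymous -> " + RoleGate.Check(anonymous, "Customer"));
        Console.WriteLine("noRole    -> " + RoleGate.Check(noRole, "Customer"));
        Console.WriteLine("customer  -> " + RoleGate.Check(customer, "Customer"));
    }
}
```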