I'm playing with this Azure web role sample. It contains a class derived from RoleEntryPoint and a .aspx page that contains a button click handler.

I test it in Azure Emulator. I put the following code (taken from here)

string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;

in both role OnStart() and the button click handler. When role OnStart() is invoked it happens to run in WaIISHost.exe under MachineName\\MyLogin account and when button handler code is invoked it happens to run in w3wp.exe under MachineName\\NETWORK SERVICE account. That's surprising.

Why are these pieces of code from the same role project run inside different processes and under different accounts? Can I change that?

David is correct. In addition to that, you can turn off this behavior and run everything in the hostable web core (as it worked before SDK 1.4). You just need to comment out the "Sites" section in the services definition like in the example below:

<?xml version="1.0" encoding="utf-8"?>
<ServiceDefinition name="aExpense.Azure" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
  <WebRole name="aExpense" vmsize="Medium">
    <Sites>
      <Site name="Web">
        <Bindings>
          <Binding name="HttpsIn" endpointName="HttpsIn" />
        </Bindings>
      </Site>
    </Sites>
    <ConfigurationSettings>
      <Setting name="DiagnosticsConnectionString" />
      <Setting name="DataConnectionString" />
      <Setting name="allowInsecureRemoteEndpoints" />
    </ConfigurationSettings>

With Windows Azure v1.3 and beyond, a Web Role takes advantage of the full IIS, rather than Hosted Web Core. IIS runs in a separate appdomain.

See this blog post from the Windows Azure team for the gory details.