In my web.config I have the Role Manager configured as follows:

<roleManager enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" 
cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" 
cookieSlidingExpiration="true" cookieProtection="All">

however in our custom RoleProvider it would seems that the GetRolesForUser method is always being called, rather than as I would have expected, the RoleManager serving up the roles from its cookie.

We're using something like to get the roles for a user:

string[] myroles = Role.GetRolesForUser("myuser");

Is there something that I'm missing in the configuration, or in the use of the RoleManager

You are missing defaultProvider="yourRoleProviderName" in your web.config .

Do you call the method below for any user or for current user only? Cookie caching works only for current user roles.

Role.GetRolesForUser("myuser");

Check that .ASPROLES cookie is sent to browser after the fist call of IsInRole or GetRoles method.

It might work better if you were to change the value in your cacheRolesInCookie to true.