Filters In ASP.NET MVC

Security of the web application is very important to ensure valuable information is protected and not accessible to unauthorised users or entities. There are lots of techniques to maintain the security of the application, which depends on the security type scenario. So in this article we learn in brief about the ASP.NET MVC filters, which are useful to maintain security during request processing.

The following are the filters provided by ASP.NET MVC to check the business logic and validation before and after executing the action methods or viewing the results .
  • Authorization filters
  • Action filters
  • Result filters
  • Exception filters

Authorization filters

used to authenticate requests before executing the action method to ensure the request is authenticated and genuine. The authorization filter uses the IAuthorizationFilter interface, in which authorization filter methods are defined.

Authorization filters have the following built-in filters.
  • Authorize
  • RequireHttps

Action filters

This action filter is useful to take some action before and after executing the action methods. This action filter implements the IActionFilter interface, which includes the following methods .
  • OnActionExecuting 
  • OnActionExecuted

Result filters

This result filter is useful to perform some action before and after executing the view result. This action filter implements the IResultFilter interface which includes the following methods .
  • OnResultExecuting 
  • OnResultExecuted 
The result filter has a built-in output cache filter.

Exception filters  

Exception filter in charge of handling unhandled exceptions thrown during the execution of an ASP.NET MVC pipeline request. This filter is very useful for capturing and logging the exception details wherever you want. This filter implements the IExceptionFilter interface, and it also has a built-in filter named HandleError.

These filters are executed in the following sequence
  • Authorization filters 
  • Action filters 
  • Response filters 
  • Exception filters 
Key Points
  • Filters are used to check some business logic before and after executing the action methods or viewing the result.
  • Each filter implements its own interface methods.
  • Filters can be applied at the controller level , action method level, as well as globally using the filterconfig class.
  • We can apply multiple filters to a single controller or action method.
  • If a given ASP.NET MVC filter does not fulfil our requirements, we can also create custom filters using FilterAttribute class.
  • Filters are typically registered in Global. asax file  
I hope you have got a brief understanding of the ASP.NET MVC filters. In my next article we will learn about each of the filters in detail with real-time examples.

I hope this article is useful for all the readers. If you have any suggestions, please contact me.

Post a Comment

Protected by Copyscape
Copyright © Compilemode