Asp.Net Mvc Introduction To Filters Complete Guide

 Last Update:2025-06-23T00:00:00     .NET School AI Teacher - SELECT ANY TEXT TO EXPLANATION.    8 mins read      Difficulty-Level: beginner

Understanding the Core Concepts of ASP.NET MVC Introduction to Filters

Introduction to Filters in ASP.NET MVC: Details and Important Information

Kinds of Filters

There are four primary types of filters in ASP.NET MVC:

  1. Authorization Filters

    • Usage: This filter allows for checking permissions before the action method is called. It implements the IAuthorizationFilter interface.
    • Details: An example of an authorization filter is the [Authorize] attribute used to restrict access to certain actions or controllers to authenticated users.
    • Custom Implementation: Developers can create custom authorization filters by inheriting the AuthorizationFilterAttribute class.

  2. Action Filters

    • Usage: These filters are executed before and after an action method. They implement the IActionFilter interface.
    • Details: Action filters can be used to modify parameters or manipulate the result before the action method executes or manipulate the action result after the action method executes.
    • Scenarios: Can be used to log request details, perform performance optimizations, or handle transactions.
    • Custom Implementation: Custom action filters can be created by inheriting the ActionFilterAttribute class.

  3. Result Filters

    • Usage: Result filters are executed before and after the action result is executed. They implement the IResultFilter interface.
    • Details: They are useful for modifying the output before it is rendered to the user or performing cleanup actions.
    • Scenarios: They can be used to implement caching or output compression.
    • Custom Implementation: Implement a custom result filter by inheriting from the ResultFilterAttribute class.

  4. Exception Filters

    • Usage: Exception filters are used to handle exceptions thrown during the execution of a controller action, filter, or view.
    • Details: They implement the IExceptionFilter interface and include methods to handle unhandled exceptions.
    • Scenarios: They can render a custom error view, log exceptions, or notify administrators.
    • Custom Implementation: Entity can be created by inheriting from the ExceptionFilterAttribute class.

Important Information

  • Order of Execution: The order in which filters are executed is crucial. Authorization filters are first, followed by Action Filters, Result Filters, and finally Exception Filters.
  • Short-Circuiting: Filters can short-circuit the pipeline. For example, an authorization filter can prevent further execution if a user is not authorized.
  • Global Filters: Developers can register filters globally in the FilterConfig.cs file, which will apply them to all controllers and actions unless overridden.
  • Filter Scopes: Filters can be applied at different levels, including globally, per controller, or per action, offering flexibility in granularity.
  • Built-in Filters: ASP.NET MVC includes several built-in filters such as [Authorize], [AllowAnonymous], [OutputCache], and [HandleError] to perform common tasks.
  • Filter Context: Each filter has a context object that provides access to the Controller, ActionDescriptor, and other relevant information.

Benefits of Using Filters

  1. Code Reusability: Filters help in reusing code across different actions and controllers.
  2. Improved Separation of Concerns: Separating cross-cutting concerns like logging, authorization, and caching from the main business logic using filters.
  3. Performance Enhancements: Implementing best practices like caching and compression efficiently via result filters.
  4. Exception Handling: Centralized exception handling using exception filters enhances user experience and debugging.

In summary, ASP.NET MVC filters provide a robust mechanism to handle various scenarios in the request lifecycle. By leveraging these powerful tools, developers can build more efficient, maintainable, and secure applications.

Online Code run

🔔 Note: Select your programming language to check or run code at

💻 Run Code Compiler

Step-by-Step Guide: How to Implement ASP.NET MVC Introduction to Filters

Step 1: Understanding ASP.NET MVC Filters

Filters in ASP.NET MVC are attributes that allow you to apply certain behaviors before or after the execution of controllers or controller actions. The primary types of filters are:

  1. Authorization Filters
  2. Action Filters
  3. Result Filters
  4. Exception Filters

Step 2: Setting Up a New ASP.NET MVC Project

  1. Open Visual Studio and create a new project.
  2. Select "ASP.NET Web Application (.NET Framework)".
  3. Choose "MVC" template and click "Create".

Step 3: Creating a Simple Controller

Let’s start with a simple controller to demonstrate the usage of filters.

// Controllers/HomeController.cs

using System.Web.Mvc;

public class HomeController : Controller
{
    public ActionResult Index()
    {
        ViewBag.Message = "Welcome to the ASP.NET MVC Filters demo!";
        return View();
    }

    public ActionResult About()
    {
        ViewBag.Message = "This is the About Page";
        return View();
    }

    public ActionResult Contact()
    {
        ViewBag.Message = "Contact us at support@example.com";
        return View();
    }
}

Step 4: Implementing Authorization Filter

Authorization filters are used to control access to controller actions.

// Filters/CustomAuthorizationFilter.cs

using System.Web.Mvc;

public class CustomAuthorizationFilter : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // Custom authorization logic here
        if (httpContext.User.Identity.IsAuthenticated)
        {
            return true;
        }
        return false;
    }

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new RedirectToActionResult("Unauthorized", "Home");
    }
}

Apply the filter to the About action in the HomeController:

// Controllers/HomeController.cs

[CustomAuthorizationFilter]
public ActionResult About()
{
    ViewBag.Message = "This is the About Page";
    return View();
}

Add an Unauthorized action to HomeController:

// Controllers/HomeController.cs

public ActionResult Unauthorized()
{
    ViewBag.Message = "You are not authorized to access this page.";
    return View("Unauthorized");
}

Step 5: Implementing Action Filter

Action filters allow you to execute code before and after the action method is called.

// Filters/CustomActionFilter.cs

using System.Web.Mvc;

public class CustomActionFilter : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        filterContext.Controller.ViewBag.ActionExecuting = "OnActionExecuting called";
    }

    public override void OnActionExecuted(ActionExecutedContext filterContext)
    {
        filterContext.Controller.ViewBag.ActionExecuted = "OnActionExecuted called";
    }
}

Apply the filter to the Index action in the HomeController:

// Controllers/HomeController.cs

[CustomActionFilter]
public ActionResult Index()
{
    ViewBag.Message = "Welcome to the ASP.NET MVC Filters demo!";
    return View();
}

Step 6: Implementing Result Filter

Result filters allow you to execute code before and after the view is rendered.

// Filters/CustomResultFilter.cs

using System.Web.Mvc;

public class CustomResultFilter : ResultFilterAttribute
{
    public override void OnResultExecuting(ResultExecutingContext filterContext)
    {
        filterContext.Controller.ViewBag.ResultExecuting = "OnResultExecuting called";
    }

    public override void OnResultExecuted(ResultExecutedContext filterContext)
    {
        filterContext.Controller.ViewBag.ResultExecuted = "OnResultExecuted called";
    }
}

Apply the filter to the About action in the HomeController:

// Controllers/HomeController.cs

[CustomResultFilter]
public ActionResult About()
{
    ViewBag.Message = "This is the About Page";
    return View();
}

Step 7: Implementing Exception Filter

Exception filters are used to handle exceptions that occur during the execution of an action or any filters applied to it.

// Filters/CustomExceptionFilter.cs

using System.Web.Mvc;

public class CustomExceptionFilter : ExceptionFilterAttribute
{
    public override void OnException(ExceptionContext filterContext)
    {
        filterContext.ExceptionHandled = true;
        filterContext.Result = new ViewResult
        {
            ViewName = "Error"
        };

        filterContext.Controller.ViewBag.ExceptionMessage = filterContext.Exception.Message;
    }
}

Apply the filter globally in Global.asax.cs:

// Global.asax.cs

protected void Application_Start()
{
    AreaRegistration.RegisterAllAreas();
    FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
    RouteConfig.RegisterRoutes(RouteTable.Routes);
    BundleConfig.RegisterBundles(BundleTable.Bundles);

    // Register the custom exception filter globally
    GlobalFilters.Filters.Add(new CustomExceptionFilter());
}

Create an Error view in the Views/Shared folder:

<!-- Views/Shared/Error.cshtml -->

@{
    ViewBag.Title = "Error";
}

<h2>An error occurred while processing your request.</h2>
<p>@ViewBag.ExceptionMessage</p>

Step 8: Testing the Filters

  1. Run the application.

  2. Access the Index action.

    • Check if ViewBag.ActionExecuting and ViewBag.ActionExecuted messages are displayed on the Index view.
    • Check if ViewBag.ResultExecuting and ViewBag.ResultExecuted messages are displayed on the Index view.

  3. Access the About action.

    • If you are not authenticated, you should be redirected to the Unauthorized view.
    • Check if ViewBag.ResultExecuting and ViewBag.ResultExecuted messages are displayed on the About view.

  4. Access a non-existing action.

    • You should be redirected to the Error view with the exception message.

Top 10 Interview Questions & Answers on ASP.NET MVC Introduction to Filters

Top 10 Questions and Answers on Introduction to ASP.NET MVC Filters

1. What are the types of filters available in ASP.NET MVC?

Answer: ASP.NET MVC provides four main types of filters:

  • AuthorizationFilter: Runs first and is used to determine whether a user is authorized to execute the action method.
  • ActionFilter: Used to manipulate arguments and return values around the execution of the action method.
  • ResultFilter: Used to manipulate the result returned by the action method before it executes.
  • ExceptionFilter: Used when there is an unhandled exception during request processing.

2. Can you explain the Order property of filters?

Answer: The Order property of a filter determines the sequence in which the filters execute when multiple filters are applied to the same action. Lower order numbers execute earlier; the default order is 0 if not specified. This is crucial when the execution order affects the behavior of your application.

3. When would you use the AuthorizationFilter?

Answer: AuthorizationFilter is used to control access to a particular action method or controller. You might use it to check user roles, permissions, or authentication status before executing the action. For instance, this can prevent unauthorized users from accessing sensitive parts of the application.

4. How does an ActionFilter differ from a ResultFilter?

Answer: An ActionFilter allows you to perform custom actions before (OnActionExecuting) and after (OnActionExecuted) the action method is invoked but its result is not yet executed. On the other hand, a ResultFilter comes into play just before (OnResultExecuting) and right after (OnResultExecuted) the view result (like ViewResult, PartialViewResult, JsonResult, etc.) is rendered.

5. Where do you typically define global filters in ASP.NET MVC?

Answer: Global filters are usually registered in the Global.asax.cs file within the Application_Start method using the GlobalFilters.Filters.Add() method. These filters will be applied across the entire application unless overridden at a more specific level (controller or action).

protected void Application_Start()
{
    ...
    GlobalFilters.Filters.Add(new HandleErrorAttribute());
    GlobalFilters.Filters.Add(new AuthorizeAttribute());
}

6. Can filters be applied to individual action methods?

Answer: Yes, filters can be applied to individual action methods by placing the corresponding attribute right above the action method declaration. They act only on that particular action.

[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Edit(int id, FormCollection collection)
{
    ...
}

7. What are the differences between Controller-Level and Global Filters?

Answer: Controller-Level filters are applied to all action methods within a specific controller. They are defined by decorating the controller class with the respective filter attribute. Meanwhile, Global Filters affect all controllers in the application, providing a centralized mechanism to apply logic.

[Authorize] // Global filter affecting all controllers if defined in Global.asax
public class UserController : Controller
{
    [HttpPost]
    [ValidateAntiForgeryToken] // Controller-level filter affecting its actions
    public ActionResult Login(UserModel model)
    {
        ...
    }
}

8. How do ExceptionFilters work in ASP.NET MVC?

Answer: ExceptionFilters catch unhandled exceptions during the MVC pipeline execution. They can be used to log errors, redirect users, provide friendly error messages, or perform cleanup actions without crashing the application.

public class LogExceptionAttribute : ExceptionFilterAttribute
{
    public override void OnException(ExceptionContext filterContext)
    {
        LogError(filterContext.Exception); // Custom logging method
        base.OnException(filterContext);
        // Optionally, filterContext.ExceptionHandled = true;
    }

    private void LogError(Exception ex)
    {
        // Error logging implementation here
    }
}

9. How can you disable filters for an action or controller in ASP.NET MVC?

Answer: Filters applied globally or at the controller level can be disabled for specific actions using the [OverrideAuthorization] or [SkipAuthorization] attributes, though these are not built-in. Instead, the proper way involves using the [AllowAnonymous] attribute to skip authorization on specific actions or controllers where anonymous access is required.

For skipping other types of global filters, you might need to create a custom overriding mechanism or selectively use them based on conditions within the filter itself.

10. Can filters modify the action parameters before they reach the action?

Answer: Yes, an ActionFilter specifically through its OnActionExecuting method can modify the action parameters that are passed to the action method. This can be useful for performing operations like converting input values, validating inputs, or setting default values.

You May Like This Related .NET Topic

📥 Download Code ▶️ Watch Online 📖 Read Description

Login to post a comment.