Sanju-Blogs

The possible uses for action filters are as varied as the actions to which they can be applied. Some possible uses for action filters include the following: Logging in order to track user interactions. "Anti-image-leeching" to prevent images from being loaded in pages that are not on your site. Web crawler filtering to change application behavior based on the browser user agent. Localization to set the locale. Dynamic actions to inject an action into a controller. Implementing a Custom Action Filter An action filter is implemented as an attribute class that inherits from ActionFilterAttribute. ActionFilterAttribute is an abstract class that has four virtual methods that you can override: OnActionExecuting, OnActionExecuted, OnResultExecuting, and OnResultExecuted. To implement an action filter, you must override at least one of these methods. The ASP.NET MVC framework will call the OnActionExecuting method of your action filter before it calls any action method that is marked...

Many Web applications require users to log in before the users are granted access to restricted content. In some applications, even users who are logged in might have restrictions on what content they can view or what fields they can edit. To restrict access to an ASP.NET MVC view, you restrict access to the action method that renders the view. To accomplish this, the MVC framework provides the AuthorizeAttribute class. Using the Authorize Attribute When you mark an action method with the Authorize attribute, access to that action method is restricted to users who are both authenticated and authorized. If you mark a controller with the attribute, all action methods in the controller are restricted. The Authorize attribute lets you indicate that authorization is restricted to predefined roles or to individual users. This gives you a high degree of control over who is authorized to view any page on the site. If an unauthorized user tries to access a method that is marked with the Authori...

In ASP.NET MVC, controllers define action methods that usually have a one-to-one relationship with possible user interactions, such as clicking a link or submitting a form. For example, when the user clicks a link, a request is routed to the designated controller, and the corresponding action method is called. Sometimes you want to perform logic either before an action method is called or after an action method runs. To support this, ASP.NET MVC provides action filters. Action filters are custom attributes that provide a declarative means to add pre-action and post-action behavior to controller action methods. MVC Action Filter Types ASP.NET MVC provides the following types of action filters: Authorization filter, which makes security decisions about whether to execute an action method, such as performing authentication or validating properties of the request. The AuthorizeAttribute class is one example of an authorization filter. Action filter, which wraps the action method execution....