Reputation: 6198
ASP.NET MVC IAuthorizationFilter usage
In ASP.NET MVC, IAuthorizationFilter will run before any other filters and action methods. So is it appropriate to implement IAuthorizationFilter for some scenarios that some logic of checking and analysing the incoming HttpRequest needs to be executed before any other logic runs? Or IAuthorizationFilter should be used only for Authorization related logic, then what other ways should I take for this?
Upvotes: 1
Views: 994
Answers (2)
Reputation: 962
Authorisation Filters should be used only for authorisation. For different purposes there are different filters. You have to create your own by inheriting the correct type. https://msdn.microsoft.com/en-us/library/gg416513(VS.98).aspx
I will not suggest applying authorisation filters for every action of your application, better to apply them on controller or action level by simply doing something like [AllowUserWithPermissions("ManageScenarious")].
Upvotes: 0
Reputation: 1247
Its not good idea to use IAuthorizationFilter for any thing other than Authorization. You can just create a global filter with order so your filter can execute before any other actionfilters
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new SpecialFilterAttribute(), 1);
filters.Add(new LogFilter(), 2);
}
Here is the other SO question related to it
Upvotes: 1
Related Questions
- Implementing MVC 5 IAuthenticationFilter
- Authentication state in ASP.NET MVC ActionFilters
- ASP.NET IAuthorizationFilter OnAuthorization
- IAuthenticationFilter equivalent in MVC6
- MVC5 Authentication filters
- Authentication filters in MVC 5
- MVC 5.0 [AllowAnonymous] and the new IAuthenticationFilter
- IAuthenticationFilter interface implementation in asp.net MVC
- Difference between IActionFilter and IAuthorizationFilter
- Setting result for IAuthorizationFilter