1

In ASP.NET MVC, IAuthorizationFilter will run before any other filters and action methods. So is it appropriate to implement IAuthorizationFilter for some scenarios that some logic of checking and analysing the incoming HttpRequest needs to be executed before any other logic runs? Or IAuthorizationFilter should be used only for Authorization related logic, then what other ways should I take for this?

Improve this question

2 Answers 2

Reset to default
1

Its not good idea to use IAuthorizationFilter for any thing other than Authorization. You can just create a global filter with order so your filter can execute before any other actionfilters

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
    filters.Add(new SpecialFilterAttribute(), 1);
    filters.Add(new LogFilter(), 2);
}

Here is the other SO question related to it

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Authorisation Filters should be used only for authorisation. For different purposes there are different filters. You have to create your own by inheriting the correct type. https://msdn.microsoft.com/en-us/library/gg416513(VS.98).aspx

I will not suggest applying authorisation filters for every action of your application, better to apply them on controller or action level by simply doing something like [AllowUserWithPermissions("ManageScenarious")].

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.