An action filter is an attribute that you can apply to a controller action or an entire controller. That modifies the way in which the action is executed. In ASP.NET MVC, controllers define action methods and these action methods generally have a one-to-one relationship with UI controls such as clicking a button or a link, etc.
The ASP.NET MVC framework includes several action filters:
* OutputCache – This action filter caches the output of a controller action for a specified amount of time.
* HandleError – This action filter handles errors raised when a controller action executes.
* Authorize – This action filter enables you to restrict access to a particular user or role.
The ASP.NET MVC framework supports four different types of filters:
* Authorization filters – Implements the IAuthorizationFilter attribute.
* Action filters – Implements the IActionFilter attribute.
* Result filters – Implements the IResultFilter attribute.
* Exception filters – Implements the IExceptionFilter attribute.
Filters are executed in the order listed above. For example, authorization filters are always executed before action filters and exception filters are always executed after every other type of filter.
Authorization filters are used to implement authentication and authorization for controller actions. For example, the Authorize filter is an example of an Authorization filter.
Action filters contain logic that is executed before and after a controller action executes. You can use an action filter, for instance, to modify the view data that a controller action returns.
Result filters contain logic that is executed before and after a view result is executed. For example, you might want to modify a view result right before the view is rendered to the browser.
Exception filters are the last type of filter to run. You can use an exception filter to handle errors raised by either your controller actions or controller action results. You also can use exception filters to log errors.