Chapter 5 covered Controllers and Controller actions, which are responsible for coordinating interactions between the user, the Model, and the View. A given action method typically handles a specific user interaction with the View.
For example, when a user clicks a link to display all products on a page, that click might create a request to an action method of
List, which reaches into the domain objects, grabs all the products, slaps them together with the View, and displays the result to the user.
Grabbing the product data and selecting the View is the primary responsibility of that action method. It's not responsible for cross-cutting concerns such as logging, output caching, authentication, and authorization. These are responsibilities that your action method shouldn't need to know about. In mathematical parlance, they are orthogonal to the purposes of your action method.
This is where filters come into play. Filters are a declarative attribute-based means of providing cross-cutting behavior to an action method.
Before you delve into how one goes about writing a filter, let's take a look at the filters that are included with ASP.NET MVC.
ASP.NET MVC includes the following four Action filters out of the box:
Authorize: This filter is used to restrict access to a Controller or Controller action.
HandleError: This filter is used to specify an action that will handle an exception that is thrown from inside an action ...