Authentication filters in MVC 5


Authentication filters from Release Notes page

Authentication filters are a new kind of filter in ASP.NET MVC that run prior to authorization filters in the ASP.NET MVC pipeline and allow you to specify authentication logic per-action, per-controller, or globally for all controllers. Authentication filters process credentials in the request and provide a corresponding principal. Authentication filters can also add authentication challenges in response to unauthorized requests.

Can some one provide the practical use of this? Where I can use this AuthenticationFilters exactly?

Earlier I use to manage Access Control List for a action/controller by writing own CustomAttribute: FilterAttribute, IAuthorizationFilter and implement public void OnAuthorization(AuthorizationContext filterContext) . Is it possible to use this AuthenticationFilter here?


Custom authentication can be created by implementing IAuthenticationFilter. It can be used where current user principal is necessary to change for executing certain portion of action of a controller by overriding OnAuthentication method. One can put extra task on request by overriding OnAuthenticationChallenge method.

By : Avijit

This video can help you solving your question :)
By: admin