Currently I have 2 filters: Auth and Redirect, which perform the following actions: Filter Auth, which implements IAuthorizationFilter and ActionFilter, checks the user login and authorization, and if this fails, then filterContext.Result must be HttpStatusCodeResult of 403 (forbidden ) Filter Redirect, which implements IActionFilter and ActionFilter, checks the result and, if it is 403, redirects to the login page.
I applied them to the action as follows:
[Auth(Order=0)]
[Redirect(Order=1)]
However, Auth starts, but Redirect never starts (not one of the 4 redefinable methods that it provides). If I remove Auth Redirect, it will be executed, but if I enable Auth as the first filter, the redirect will not be performed. I believe that setting the Result property of the filter context prevents any other filters from executing, but I cannot understand why this is happening. FYI I use the beta version of ASP.NET MVC 3, but that doesn’t change anything.
Update: changing the Auth filter type to IActionFilter instead of IAuthorizationFilter causes OnResultExecuting and OnResultExecuted in Redirect to fire, but changing the response does not affect the final response to the browser.
Diego