Master technical and career interviews with structured answers—short definition, real examples, pitfalls, and how to answer in 60–90 seconds.
Answer: filter is a component that allows logic to be executed before or after parts of the request pipeline, such as authorization, action execution, or result processing. What interviewers expect A clear definition tie…
Filters are ASP.NET Core’s plug-in points that allow you to inject logic before or after specific pipeline stages such as: Authorization Resource execution Action execution Results processing Exception handling They help…
Middleware is a component in the HTTP request pipeline that can: Handle requests, Pass requests to the next middleware, Or short-circuit the pipeline. Middleware can: Perform actions before and/or after the next middlewa…
uthorization, Resource, Action, Exception, and Result filters. What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade-offs (performance, maintainability, security, cost) When you…
uthorization checks directly inside controllers. This led to: Repetition Hard-to-test classes Cross-cutting concerns polluting business logic Fragile code Filters solve these by offering centralized, consistent, and reus…
pp.UseMiddleware<YourMiddleware>(); pp.UseRouting(); pp.UseEndpoints(endpoints => { endpoints.MapControllers(); }); pp.Run(); In older versions (e.g., .NET Core 3.1), Startup.cs is used: public void Configure(IA…
In ASP.NET Core 6+ (minimal hosting model), middleware is added in Program.cs: var builder = WebApplication.CreateBuilder(args); var app = builder.Build(); app.UseMiddleware<YourMiddleware>(); app.UseRouting(); app…
Answer: Filters promote reusability, separation of concerns, cleaner controllers, and easier maintenance. What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade-offs (performance,…
Answer: Example – Using ServiceFilter [ServiceFilter(typeof(AuditLogFilter))] public class UserController : ControllerBase { } What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Tra…
uthorization Before everything Identity, JWT, RBAC Resource Before model binding Caching, request trimming ction Before/after action Logging, validation Exception On unhandled errors Global error handling Result Before/a…
Answer: Authorization Filters Resource Filters Action Filters Exception Filters Result Filters Endpoint Filters (ASP.NET Core 7+) What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects…
pp.Map Method Description pp.Use Adds middleware that can call next in the pipeline. pp.UseMiddlewar e<T>() dds a custom middleware class. pp.Run Terminal middleware – does not call next. Ends the pipeline. pp.Map…
Answer: ction filters wrap the action method; result filters wrap the returned result (like ObjectResult or ViewResult). What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade-off…
Diagram) -------------------------- | Authorization Filter | -------------------------- -------------------------- | Resource Filter | -------------------------- -------------------------- | Model Binding Happens | -----…
Answer: wait _next(context); // Post-processing logic } } Register it: pp.UseMiddleware&lt;MyCustomMiddleware&gt;(); What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade…
Create a class with: A constructor accepting RequestDelegate An Invoke or InvokeAsync method public class MyCustomMiddleware private readonly RequestDelegate _next; public MyCustomMiddleware(RequestDelegate next) => _…
uthorization filters always run first. Intermediate Level What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade-offs (performance, maintainability, security, cost) When you would…
Filters can be created using: Interfaces (IActionFilter, IAsyncActionFilter…) Attributes Dependency injection Example – Custom Header Validation Filter public class HeaderValidationFilter : IActionFilter { public void On…
Answer: RequestDelegate is a delegate representing the next middleware in the pipeline: public delegate Task RequestDelegate(HttpContext context); In custom middleware, it allows passing control to the next component. Wh…
Answer: They run before model binding and after authorization. Perfect for caching or request trimming. What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade-offs (performance, m…
✔ Use Filters When: You need information about controller or action context You need pre/post action execution access Logic must execute only on MVC actions ❌ Avoid Filters If: Logic applies to all HTTP requests → use mi…
Answer: pp.UseAuthentication(); // Must come before authorization pp.UseAuthorization(); pp.UseEndpoints(...); Logging, error handling, and security middlewares must be early in the pipeline. What interviewers expect A c…
Middleware is executed in the order it's added, and this order affects behavior. Example: app.UseAuthentication(); // Must come before authorization app.UseAuthorization(); app.UseEndpoints(...); Logging, error handling,…
Set context.Result = new BadRequestObjectResult(...). What interviewers expect A clear definition tied to ASP.NET Core in ASP.NET Core projects Trade-offs (performance, maintainability, security, cost) When you would and…
Concern Use Filter Use Middleware Needs controller context ✔ ❌ Needs access before routing ❌ ✔ Validating request body ❌ ✔ Logging per action ✔ ❌ Exception handling ✔ ✔ 💡 Tip: If your logic is unrelated to MVC actions (…
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: filter is a component that allows logic to be executed before or after parts of the request pipeline, such as authorization, action execution, or result processing.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters are ASP.NET Core’s plug-in points that allow you to inject logic before or after
specific pipeline stages such as:
They help you implement cross-cutting concerns without cluttering controllers or actions.
In enterprise systems, filters are indispensable for:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Middleware is a component in the HTTP request pipeline that can:
Middleware can:
Middleware executes in the order it's added in Program.cs.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization, Resource, Action, Exception, and Result filters.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization checks directly inside controllers. This led to:
Filters solve these by offering centralized, consistent, and reusable implementation points.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.UseMiddleware<YourMiddleware>();
pp.UseRouting();
pp.UseEndpoints(endpoints => { endpoints.MapControllers();
});
pp.Run();
public void Configure(IApplicationBuilder app,
IWebHostEnvironment env)
{
pp.UseMiddleware<YourMiddleware>();
pp.UseRouting();
pp.UseEndpoints(endpoints => {
endpoints.MapControllers(); });
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Program.cs:
var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();
app.UseMiddleware<YourMiddleware>();
app.UseRouting();
app.UseEndpoints(endpoints => { endpoints.MapControllers();
});
app.Run();
public void Configure(IApplicationBuilder app,
IWebHostEnvironment env)
app.UseMiddleware<YourMiddleware>();
app.UseRouting();
app.UseEndpoints(endpoints => {
endpoints.MapControllers(); });
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Filters promote reusability, separation of concerns, cleaner controllers, and easier maintenance.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Example – Using ServiceFilter [ServiceFilter(typeof(AuditLogFilter))] public class UserController : ControllerBase { }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization Before everything Identity, JWT, RBAC
Resource Before model binding Caching, request trimming
ction Before/after action Logging, validation
Exception On unhandled errors Global error handling
Result Before/after result Response wrapping,
formatting
Endpoint (ASP.NET Core
7+)
round minimal API
endpoints
Logging, validation
3.1 Authorization Filters
These execute first, determining whether the user can access the route.
Typical use cases:
3.2 Resource Filters
Executed before model binding.
Perfect for:
3.3 Action Filters
The most commonly used filter type.
Great for:
Example – Audit Logging Filter
public class AuditLogFilter : IActionFilter
{
private readonly ILogger<AuditLogFilter> _logger;
public AuditLogFilter(ILogger<AuditLogFilter> logger)
{
_logger = logger;
}
public void OnActionExecuting(ActionExecutingContext context)
{
_logger.LogInformation("Request started at: {time}",
DateTime.UtcNow);
}
public void OnActionExecuted(ActionExecutedContext context)
{
_logger.LogInformation("Request ended at: {time}",
DateTime.UtcNow);
}
}
3.4 Exception Filters
Centralizing error handling is vital in fintech and healthcare APIs.
Example use cases:
3.5 Result Filters
These wrap the response.
Use cases:
3.6 Endpoint Filters (ASP.NET Core 7+)
Primarily for minimal APIs.
Example use cases:
pp.MapGet("/users/{id}", (int id) => GetUser(id))
.AddEndpointFilter(new LoggingEndpointFilter());
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Authorization Filters Resource Filters Action Filters Exception Filters Result Filters Endpoint Filters (ASP.NET Core 7+)
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.Map
Method Description
pp.Use Adds middleware that can call next in the
pipeline.
pp.UseMiddlewar
e<T>()
dds a custom middleware class.
pp.Run Terminal middleware – does not call next. Ends
the pipeline.
pp.Map Branches the pipeline based on URL path (e.g.
/api).
Example:
pp.Use(async (context, next) => {
wait next(); // go to next middleware
});
pp.Run(async context => {
wait context.Response.WriteAsync("Hello World"); //
terminates pipeline
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ction filters wrap the action method; result filters wrap the returned result (like ObjectResult or ViewResult).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Diagram)
| Authorization Filter |
| Resource Filter |
| Model Binding Happens |
| Action Filter |
| Action Method |
| Result Filter |
| Response Returned |
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: wait _next(context); // Post-processing logic } } Register it: pp.UseMiddleware<MyCustomMiddleware>();
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Create a class with:
public class MyCustomMiddleware
private readonly RequestDelegate _next;
public MyCustomMiddleware(RequestDelegate next) => _next =
next;
public async Task InvokeAsync(HttpContext context)
// Pre-processing logic
await _next(context);
// Post-processing logic
Register it:
app.UseMiddleware<MyCustomMiddleware>();
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization filters always run first. Intermediate Level
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters can be created using:
Example – Custom Header Validation Filter
public class HeaderValidationFilter : IActionFilter
{
public void OnActionExecuting(ActionExecutingContext context)
{
if
(!context.HttpContext.Request.Headers.ContainsKey("X-Client-Id"))
{
context.Result = new BadRequestObjectResult("Missing
X-Client-Id header.");
}
}
public void OnActionExecuted(ActionExecutedContext context) { }
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: RequestDelegate is a delegate representing the next middleware in the pipeline: public delegate Task RequestDelegate(HttpContext context); In custom middleware, it allows passing control to the next component.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: They run before model binding and after authorization. Perfect for caching or request trimming.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✔ Use Filters When:
❌ Avoid Filters If:
⚠ Pitfall: Filters run per action. Be mindful of expensive operations.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.UseAuthentication(); // Must come before authorization pp.UseAuthorization(); pp.UseEndpoints(...); Logging, error handling, and security middlewares must be early in the pipeline.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Middleware is executed in the order it's added, and this order affects
behavior.
Example:
app.UseAuthentication(); // Must come before authorization
app.UseAuthorization();
app.UseEndpoints(...);
Logging, error handling, and security middlewares must be early
in the pipeline.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Set context.Result = new BadRequestObjectResult(...).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Concern Use Filter Use Middleware
Needs controller context ✔ ❌
Needs access before
routing
❌ ✔
Validating request body ❌ ✔
Logging per action ✔ ❌
Exception handling ✔ ✔
💡 Tip: If your logic is unrelated to MVC actions (e.g., CORS, compression),
middleware is the right choice.