Creating a custom Authentication Filter

AuthenticationFilter has been introduced newly in ASP.NET MVC 5+ to provide fine-grain control over how users are authenticated for controllers and action methods. 

Creating a custom Authentication Filter

Problem Scenario

Assume a scenario, where we want our Controller or an action methods available only to user having role as Admin or SuperAdmin.

Normally, we would write following attribute to the controller

    [Authorize(Roles = "Admin, SuperAdmin")]
    public class AdminSuperAdminController : Controller
    {   

    }