What exactly filter is ?
Filter is a simple method which is executed “before” / “after” / “around” a controller action.
For example, one filter might check if the user has the credentials for accessing a particular action in a controller.

Where can I place my  filter ?

Filters are inherited so if you  a place filter in “application_controll.rb” file then it will be applicable to every controllers in application.

Step – 1
Create a method ( in application_controller.rb file) :

def check_user_logged_in
 
            if !session[:username]
   
 flash[:notice] = "Sorry, login before you continue !!! "
 redirect_to :controller => "user_sessions", :action => "new"
      end
  end

Step – 2

Use the method in application_controller as a filter  :

Now write the before_filter block in the controller  where you want to restrict unauthorized users.
You can also restrict particular action of a controller by writing the action name.

class UsersController < ApplicationController #as controller is inherited from ApplicationController hence filter is accessible here.

before_filter :check_user_login_in, :only => [:profile]
  #this line is important
 
       def profile
         [ Your block of code to render your profile page ]
        end
  end

In the above block the “before_filter” restrict the non-registered user to access the profile page and redirect them to login page.
We can also restrict multiple actions by writing like this :

before_filter :user_logged_in, :only => [:profile, :edit]

In this case the filter is applied to only these two methods of a particular controller :

before_filter :user_logged_in, :except => [:index, :show]

in this case filter is applied to all the other actions except index and show action of a particular controller.
if a filtration action fails then respective controller action won’t get exectued and the further scheduled  filters are also get cancelled.