For a while now we've been making use of Mura CMS for larger customers with extensive functionality needs. But as the documentation for Mura at times is quite spotty or non-existant on several subjects I have been wrestling with, and having taken part in some discussions on the Mura Google Groups (https://groups.google.com/forum/#!topic/mura-cms-developers/j1VPAt3xTE8) I have decided to share some of my insights here. To start off I have chosen the subject I spent most time getting to grips with, content for member groups. That is content that is only visible to certain visitors of your website after they have logged into the website and are member of specific content groups. Below is how I have set up a website recently to accomodate just this scenario.
The above setup accomplishes my wish to force login of all website users. Furthermore it solves the wish to restrict access to all content the logged-in user is not supposed to see - he/she sees only the content that is intended for that particular member group he/she is a member of. The PRIMARY navigation and the MULTI-LEVEL navigation completely adher to these authorization rules and only display those sector PAGES and member group FOLDER that are intended for the user. If a user tries to go to content that does not exist a 404 is shown - if he/she guesses the correct URL to other content of a group he/she is not a member of (or gets the URL from someone else), the user gets a RESTRICTED page with a login. Now I still need to figure out if that is bad and redirect to a common 404-ish "Big No-No" page, but for now I leave it as it is.
If you have any questions please let me know. I'll create follow-up posts of this blog post to share my experiences and challenges with Mura.