In a previous blog post, I mentioned that I'm currently playing around with the ColdFusion-powered Mura CMS. I'm using it to create an internal website where my team can share best coding practices and examples.
When you create a page of content in Mura, you do so using the WYSIWYG editor CKEditor. As with most WYSIWYG editors, CKEditor has a "Source" button that lets you drop out of editor mode and view/edit the raw HTML, so I figured if I wrote the CFML code I wanted to display on my page in source mode using "<" and ">" character entity references for the angle brackets it would display properly in the public view of the page.
It seemed to work at first, but if I opened the same page again in order to edit it, Mura would convert the character entity references into the actual angle brackets within the raw HTML code, and the content would become invisible to the public.
I tried a couple of different approaches before eventually determining that I could actually type the CFML or HTML code I wanted to show in my content within WYSIWYG editor mode as long as I put a space between the first angle bracket and the first letter of the starting tag. Apparently whatever Mura is doing to the content (and to be clear, I don't think this is necessarily a bug - I suspect there's a good reason why it does what it does) only occurs if it recognizes the string fragment as being an HTML or CFML tag, and adding that space makes the tag unrecognizable. It makes my code examples look a little funny, but I can live with it.
If anyone else has a better workaround for this situation, please share with the group. :)
I've already posted most of this information on the Mura forums, but I wanted to post it here as well for anyone looking for information on this topic.
With the blessings of my boss, I've been playing around with the ColdFusion-powered Mura
content management system to see if it might be a good CMS option for
us. From what I've seen so far, Mura is a well-thought out CMS system
that is both powerful and easy to use, which is a difficult balancing
One of the things my boss wanted me to investigate was
whether or not we could tie Mura in with our single sign-on solution,
which is CAS (Central Authentication Service), a Jasig
project originally created at Yale. When a user tries to access a page
or a site that requires them to authenticate, they are redirected to
the CAS server and enters their LDAP-based user id and password on the
CAS login page. If they successfully authenticate, the CAS server
redirects them back to the original site and stores a token as a cookie
in the user's browser. If the user visits a different website secured
by CAS, the cookie allows them access to that site without the need to
log in again.
Mura provides a plugin architecture
that allows developers to intercept certain Mura events and run their
own code. A number of Mura shops have created plugins that intercept
the Mura login events in order to tie in with their in-house directory
and authentication servers, but those login events are triggered by the
admin and user login forms built into Mura. I couldn't go that route: I
needed to circumvent and replace the Mura login form(s) with the CAS
login form and have Mura log in the user based on the credential
information returned by CAS.
After some digging into the code and
some trial-and-error, I came up with a way to authenticate Mura
administrators via our CAS system.