You can set pages that are only available to a logged in user and also restricted to specific user groups.

For non logged in users and users who aren't in the access group, they won't see this link in the header or footer navigation, and they will be presented with a 404 page if they go directly to the URL. 


However, you can add a page that's shown in the header nav that acts as just a redirect link to the secure page.

This other page would have no content, it is purely used in the header navigation with a URL set in it to redirect to the restricted page.

The restricted page would not be ticked to show in the header nav, this is because the restricted link if set to be shown in the header nav would only show if the user is able to see it's content as well. 


So with the link in place we can move on to redirecting to the login page.

On view of the page when not logged in or not in the correct user group the user would see a 404 page, but the URL would still be the one requested. 

We can use this to our advantage and by adding some javascript to the 404 page, have it redirect to the login page with the previous pages url set to redirect back to after. (You can do this with a redirect to /login.php?redirect=PAGE_PATH)


Our javascript will need to run only on the 404 page, and only if the user is not already logged in, to avoid redirecting them to login again each time they try to visit the page. (We leak a boolean variable into the page to help with detecting if the user is logged in "jsMaster.userLoggedIn")


e.g. For a simple ALL 404's to login redirect:

    

//
// Redirect all non logged in 404 requests to the login page,
//  to support restricted pages. 
//
jQuery(function ($) {
    var is404Page = $('body').is('#body_404page');
    if ( ! jsMaster.userLoggedIn, && is404Page) {
        window.location.href = '/login.php?redirect=' + window.location.pathname;
    }
});

    


You could also match this against an array of pages you want to match, so that you don't redirect pages that are real 404s:

e.g. for a whitelist of pages: 

In this example, only 404's to /SomePage.html and /SomeOtherPage.html would redirect to the login page. All others would remain on the login page.

   

//
// Redirect non logged in 404 requests to the login page,
//  only for array restricted pages. 
//
jQuery(function ($) {
    var is404Page = $('body').is('#body_404page'),
           redirectPages = ['/SomePage.html', '/SomeOtherPage.html'];
    if ( ! jsMaster.userLoggedIn, && is404Page && $.inArray(window.location.pathname, redirectPages)) {
        window.location.href = '/login.php?redirect=' + window.location.pathname;
    }
});

   


Pick which ever example is most appropriate for your use case.