I wanted my Yii based application to force users to authenticate. After studying the forums, the manuals and searching the web the solution came to me just as I was about to go to bed. It is dead simple: just make sure that the only action a default user can perform is actionLogin(). See the code below on how to accomplish this:

<?php
 
class SiteController extends Controller
{
    /**
     * @return array action filters
     */
    public function filters()
    {
        return array(
            'accessControl', // perform access control for CRUD operations
        );
    }
 
    /**
     * Specifies the access control rules.
     * This method is used by the 'accessControl' filter.
     * @return array access control rules
     */
    public function accessRules()
    {
        return array(
            array('allow',  // allow all users to perform 'login'
                'actions'=>array('login'),
                'users'=>array('*'),
            ),
            array('allow', // allow authenticated user to perform any action
                'users'=>array('@'),
            ),
            array('deny',  // deny all users
                'users'=>array('*'),
            ),
        );
    }
 
    // The rest of the SiteController implementation
 
}
 
?>

I am not sure if this is the best possible solution, but since it is simple and elegant I am inclined to think it is.