I am currently working on installing a network for a hotel. I have WEP encryption set up on their router, but a lot of their guests aren't knowledgeable to even work that out. So, I'd like to get rid of this encryption, and instead have a default page that shows up when the user connects to the router. If a password to this page is not entered correctly, then they will not be able to access any other pages.
I have setup internet restriction in the past using Microsoft Proxy server. You can assign proxy server rights based on windows user accounts and groups. I don't know if this works in your specific situation because your clients are probably not logged in to the local network, but maybe that Microsoft Proxy server has a way to deal with this.
I don't know how to set up such a system but I'd like to point out that those systems are a real pain for many wireless device users. Things like skype phones, vonage boxes, WiFi radios, mobile-email, etc. rarely support showing your login page - they expect you to authenticate with WPA or similar - so I think you should look for ways around this wherever possible!