Hi Mark,
In my attempt to start implementing this, I've been also educating myself on how webInterface.c works. Although I know that this is an "example", it serves as a good template/start point for many web applications.
I've appended the fnHandleWeb functionality to the fnInsertString document I sent you a while back, I can upload this somewhere if you'd like.
Regarding the authentication, my thought process would be as follows:
1) If VARIABLE_PAGE_AUTHENTICATION is set, call fnHandleWeb with ucType set to 0x01 (or user defined)
2) fnHandleWeb (upon seeing ucType as 0x01), checks to see if the file is of HTML type. If so, it looks at the FIRST byte of the file. If this byte is set to £ (web delimiter), then read the NEXT byte (should be between 0-9).
3) The byte would symbolize a "security" level required for viewing of the page.
4) If the current session "security level" is equal to or greater than the page required security level, then return APP_ACCEPT, otherwise return APP_REQUEST_AUTHENTICATION
This scheme requires a new "global" variable for security level of the current session. Default security level would be "0", and other security levels could be assigned based on a user list (the creation/maintenance of the user list is another subject).
If this is available, it would be prudent to add a fnInsertString function to output the current security level, such that the pages could be dynamically created based on the current session "security" level. That is, a javascript or similar client side variable could display/hide links based on the current level.
I'm "thinking out load" with this for the moment...I prefer to bounce some ideas before I go too far. If you see any problems with this, let me know. Also, if you have a different implementation in mind, please let me know, so I don't re-invent the wheel.