This seems to do the job. Create a new snippet named CheckUser with this content:
// CheckUser snippet
// checks to see if user is a member
// of a given web user group
// redirects to given login page if not.
//
// options:
// &group - the group the user must be a member of
// &page - the page ID of the login page
if(!isset($group) || !isset($page)) return; // can't do much without these!
$group = array($group); // isMemberOfWebGroup needs an array.
if($modx->isMemberOfWebGroup($group)) return; // if we are, quietly exit.
$url = $modx->makeURL($page); // we didn't exit, so must not be a member of group
$modx->sendRedirect($url); // so make the url to the login page and go there.
return;
On the login page, call the WebLogin snippet like this:
[!WebLogin?loginhomeid=`xx`!]
where the xx is the ID of your Gallery2 document.
At the beginning of your Gallery2 document, call the CheckUser snippet like this:
[!CheckUser?group=`galleryuser`&page=`xx`!]
where the xx this time is the document ID of your login page, and galleryuser is the group you make for your gallery users.