I use ReportViewerForMvc and it installs ReportViewerWebForm.aspx into the root project folder. How do I restrict access to ReportViewerWebForm.aspx? I have tried
<location path="ReportViewerWebForm.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
However, this results in the .aspx denied access even to the logged in users.
Resolved by adding a code-behind and subclassing ReportViewerForMvc.ReportViewerWebForm, validate user in Page_Load event using session cookie.