Our reports are deployed to Report Manager (SSRS 2005). We want to display a custom web page if someone who is unauthorized goes to the Report Manager home page. The custom page will give the user instructions to request access to our reports. It seems the easiest way to implement this is with custom error pages, either at the IIS level or at the web application level (within web.config).
The problem is that everyone on the company intranet can bring up the Report Manager home page. If they are unauthorized to access any reports deployed to the server, they (correctly) get a nearly blank home page. Therefore no 401-Unauthorized HTTP error is thrown and no custom error page is displayed. Anonymous access is turned off in IIS, both for the web site and the RM virtual directory.
How would I deny access to the home page to everyone who is not authorized to view any of our reports?
Alternatively, is there a better approach to accomplishing this task?
Thanks in advance.