I have a project with XML comments all set up and the documentation is being generated as expected but my boss would like to put the documentation itself behind a log in so its not freely accessible.
Is this something I could do by adding a landing page and setting something up in IIS? Or, would I have to add something to each individual page to force it to ensure someone had logged in who had permission to see the doc? Or, other?
You have a couple ways.
You could setup some security in IIS on a virtual directory so users are required to authenticate in a number of ways. This option does not require you to be a programmer but does take more work to setup and administer.
The other option is to put a web.config in the same folder as your document that has standard login/redirect directives. Then you could have it redirect the user to a login page, which you create in ASP, and then send them back.