How to secure xml files in a website

I'm creating an application that is able to generate xml licenses. The application is secured by form开发者_JAVA技巧s authentication. Now the problem is that if I create a physical xml file that file can be downloaded even with the security enabled.

How would you guys secure this license file?

You could put it in the App_Data folder.

Don't know about asp.net, generally though, I'd just create the file someplace in the filesystem which is not accessible through the web, and if needed, relay it through your application, previously checking authentication...