Thanks Bonnie,

>>I have taken on a C# contract. The users are mostly remote, so it makes sense to access the data via a WS.
>>I'm unsure as how to design it.
>>
>>1) Do I create properties on this for the Connection String, UserName, Password, ect...
>
>Connection information would normally be stored in the web.config file in the Web Service virtual directory.

What's the syntax for accessing information stored in a web.config file?


>
>>2) Do I create a genralized method that takes a query and runs it against the data, or should I create a method
>> for each query I need to do?
>
>Break it up more than that. IMHO, a Web Service should do no more than pass on the request to a Business layer (which would then pass it on to a DataAccess layer). These all, obviously, live server-side. You will want a Web Service method for every kind of call you would normally make to the backend. You can even break it up into multiple Web Services by functionality (IOW, we have a MyApp.Personnel.asmx and a MyApp.Incidents.asmx, etc.etc.)

So if I need to return a Customer record, then the WS would have a GetCustomer method, which would call GetCustomer
on a Customer class, which is then passing the request to a data access layer?


>>3) How do I handle security?
>
>https? or was that not what you meant?
>

I'm not sure what I mean. I guess I'm wondering what's stopping anyone at all from accessing the data through
the WS. Do I handle security in the DB? Or is there another approach?

>~~Bonnie