I am developing a site in asp.net 3.5, our appication design is simple – All our application pages communicate with database through a web service – In effect this web service itself is our database layer.
Now in middle of the project, due to some security issues, we dropped the idea of exposing our database layer as a web service.
Though they have dropped this for now, later they have the idea of exposing it as a web service, so that customers can directly communicate with our DB instead of coming through web pages.
So at this point, my suggestion was to pack the whole app_code folder of web service to a .net library(.dll) and reference it locally from the web pages, or
To copy and paste the app_code folder of webservice to the app_code folder of the web application. Since they cannot afford recompiling the data layer for every modification later on, the choice for them was to put it in App_code folder, so that they don’t need to recompile the whole stuff after modifications.

Now here is my problem:
-In future, if they want to make use of same .cs files in this application app_code folder to be exposed as web service, is it possible?
Technically speaking its kinda sharing the app_code folder between 2 application(one is a .net web application and the other one a web service)

I tried to put the whole web service directory(which includes app_code,.asmx files and web.config) inside the app_code of web application, I am able to access those service methods inside my pages.
But it gives a compilation error “it is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS”. If I configure this as a virtual directory in IIS, we cannot access these classes inside the pages. (What I was thinking is of creating a separate virtual directory on the same level of web application and not as a subfolder to it.)
As you know, this error is basically bcoz of the authentication entry in web service web.config file. AS when I googled, I came to know that, a web application can have any number of web.config in its subfolders, but they cannot have <authentication> entries in any other than the root web.config.
Though I can change the allowDefinition attribute for authentication in machine.config file, I don’t want to do that,as its risky!

Is there a way to resolve this?

Contraints are:
- I don’t want to re-compile the code every time I make change or for a minor release
- I don’t want multiple versions of same file to be maintained – so I need to share the .cs files between a webapplication and a web service.

Please let me know your suggestion on this one.