how do we format the output of return by xml and how do we ensure the security while query using xml ie to ensure authorized user query the database from the browser using query string
