SOAP is not a transport protocol!

Repeat with me: SOAP is not a transport layer protocol. I have now seen two implementations that use SOAP with dummy methods to pass XML through an authenticated channel. The XML messages that you can generate for these two implementations are really quite simple and their entire functionality could quite easily have been exposed on the WSDL. SOAP uses XML to convey its messages! So in these bogus implementations, there is XML wrapped in XML! If you find yourself implementing a web service, please take care and expose your API.