The breadth of security measures that service designers may need to implement is much wider than what this chapter covers. From authenticating users, to authorizing their actions, and the use of encryption to prevent eavesdropping on sensitive information, we have covered the basic principles of securing web services with Spring.

Having considered security concerns in this chapter, another critical attribute to assess the production-readiness of a RESTful web service is testing.

In the next chapter, we will investigate which tools and techniques can be leveraged to verify that our sample RESTful web service exhibits the expected behavior.