diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/DefaultAccessController.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/DefaultAccessController.java
index 7de02becf9eba9b1c25d08661253e4b3b93ba482..0d9c4165fcfd3a1b07490029d0de1e5978086e23 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/DefaultAccessController.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/DefaultAccessController.java
@@ -157,8 +157,6 @@ public final class DefaultAccessController implements IAccessController
             final Set<RoleWithHierarchy> methodRoles = getMethodRoles(method);
             if (methodRoles.size() == 0)
             {
-                // TODO 2008-08-07, Tomasz Pylak: why this is not a programming error? What a user
-                // can do if a programmer does not put an authorization annotation for a method?
                 final String msg =
                         String.format(METHOD_ROLES_NOT_FOUND_TEMPLATE,
                                 MethodUtils.describeMethod(method));