In this case, developers often assume that the EJBs do not need to be secured since they are not "user-accessible" in their application design, but this assumption is dangerously wrong.
This design decision is based on the assumption that a typical portal page contains many URLs and requires the navigational state to be serialized multiple times per request.
This is particularly true since many managers operate under the assumption that any project going long enough cannot avoid periodical design and re-implementation from scratch.