From db9f50390641227c97b6826345b4019d7f7d09b5 Mon Sep 17 00:00:00 2001 
From: Sanjay Dalal Date: Fri, 19 Feb 2010 01:15:29 +0000 Subject: [PATCH] CSPACE-859 added timestamps to accounts_common, users,roles and users_roles tables CSPACE-1011 added personRefName to account schema Tenant validation is done only for create that also temporarily till authn is mandatory test: account test with security M services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd M services/authentication/jaxb/pom.xml M services/authentication/pstore/src/main/resources/db/mysql/test_authn.sql M services/authentication/pstore/src/main/resources/db/mysql/authentication.sql M services/pom.xml M services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountStorageClient.java M services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java M services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountDocumentHandler.java M services/account/jaxb/src/main/resources/accounts_common.xsd M services/account/jaxb/pom.xml M services/account/pstore/src/main/resources/db/mysql/test_account.sql M services/account/pstore/src/main/resources/db/mysql/account.sql M services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountTest.java M services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java --- .../client/test/AccountServiceTest.java | 1 + .../account/client/test/AccountTest.java | 3 + services/account/jaxb/pom.xml | 15 +++-- .../src/main/resources/accounts_common.xsd | 31 ++++++++++- .../src/main/resources/db/mysql/account.sql | 2 +- .../main/resources/db/mysql/test_account.sql | 2 +- .../storage/AccountDocumentHandler.java | 8 ++- .../account/storage/AccountStorageClient.java | 49 +++++++++++++---- .../storage/AccountValidatorHandler.java | 12 ++-- services/authentication/jaxb/pom.xml | 14 +++-- .../authentication_identity_provider.xsd | 55 
+++++++++++++++++++ .../resources/db/mysql/authentication.sql | 6 +- .../main/resources/db/mysql/test_authn.sql | 12 ++-- services/pom.xml | 7 ++- 14 files changed, 172 insertions(+), 45 deletions(-) diff --git a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java index 4d0f50a41..aecab1147 100644 --- a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java +++ b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java @@ -926,6 +926,7 @@ public class AccountServiceTest extends AbstractServiceTestImpl { if (usePassword) { account.setPassword(Base64.encodeBase64(passwd.getBytes())); } + account.setPersonRefName(screenName); account.setEmail(email); account.setPhone("1234567890"); if (useTenant) { diff --git a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountTest.java b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountTest.java index de083f7a1..68da82ac2 100644 --- a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountTest.java +++ b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountTest.java @@ -6,6 +6,7 @@ package org.collectionspace.services.account.client.test; import java.lang.reflect.Method; import java.util.ArrayList; +import java.util.Date; import java.util.List; import java.util.UUID; import javax.persistence.EntityManager; @@ -72,6 +73,7 @@ public class AccountTest { account = new AccountsCommon(); } account.setScreenName("test"); + account.setPersonRefName("test hello"); account.setEmail("test.test@berkeley.edu"); account.setUserId("test"); account.setStatus(Status.ACTIVE); 
@@ -105,6 +107,7 @@ public class AccountTest { account.setStatus(Status.ACTIVE); id = UUID.randomUUID().toString(); account.setCsid(id); + account.setCreatedAtItem(new Date()); Tenant tenant = new Tenant(); tenant.setId("123"); tenant.setName("movingimages.us.standalone"); diff --git a/services/account/jaxb/pom.xml b/services/account/jaxb/pom.xml index d3f7eaf20..eab43b6b0 100644 --- a/services/account/jaxb/pom.xml +++ b/services/account/jaxb/pom.xml @@ -1,21 +1,21 @@ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> org.collectionspace.services.account org.collectionspace.services 1.0 - + 4.0.0 org.collectionspace.services org.collectionspace.services.account.jaxb 1.0 services.account.jaxb - + org.slf4j slf4j-api @@ -38,7 +38,10 @@ org.jvnet.jaxb2_commons runtime - + + org.jvnet.hyperjaxb3 + hyperjaxb3-ejb-runtime + mysql mysql-connector-java @@ -57,7 +60,7 @@ testng 5.6 - diff --git a/services/account/pstore/src/main/resources/db/mysql/account.sql b/services/account/pstore/src/main/resources/db/mysql/account.sql index 37b1836b2..ed6aac986 100644 --- a/services/account/pstore/src/main/resources/db/mysql/account.sql +++ b/services/account/pstore/src/main/resources/db/mysql/account.sql 
@@ -1,6 +1,6 @@ alter table tenants drop foreign key FKAAE82D09C4F08FD6; drop table if exists accounts_common; drop table if exists tenants; -create table accounts_common (csid varchar(255) not null, email longtext not null, mobile varchar(255), phone varchar(255), screen_name varchar(128) not null, status varchar(15) not null, userid varchar(128) not null, primary key (csid), unique (screen_name)); +create table accounts_common (csid varchar(255) not null, created_at datetime not null, email longtext not null, mobile varchar(255), person_ref_name varchar(250), phone varchar(255), screen_name varchar(128) not null, status varchar(15) not null, updated_at datetime, userid varchar(128) not null, primary key (csid), unique (screen_name)); create table tenants (HJID bigint not null auto_increment, id varchar(255) not null, name varchar(255) not null, TENANT_ACCOUNTSCOMMON_CSID varchar(255), primary key (HJID)); alter table tenants add index FKAAE82D09C4F08FD6 (TENANT_ACCOUNTSCOMMON_CSID), add constraint FKAAE82D09C4F08FD6 foreign key (TENANT_ACCOUNTSCOMMON_CSID) references accounts_common (csid); diff --git a/services/account/pstore/src/main/resources/db/mysql/test_account.sql b/services/account/pstore/src/main/resources/db/mysql/test_account.sql index ddc6e7ba6..33efbb3ff 100644 --- a/services/account/pstore/src/main/resources/db/mysql/test_account.sql +++ b/services/account/pstore/src/main/resources/db/mysql/test_account.sql 
@@ -4,6 +4,6 @@ -- You may not use this file except in compliance with this License. -- use cspace; -INSERT INTO `cspace`.`accounts_common` VALUES ('eeca40d7-dc77-4cc5-b489-16a53c75525a','test.test@berkeley.edu',NULL,NULL,'test','ACTIVE','test'); +INSERT INTO `cspace`.`accounts_common` (`csid`, `email`, `phone`, `mobile`, `userid`, `status`, `screen_name`, `created_at`) VALUES ('eeca40d7-dc77-4cc5-b489-16a53c75525a','test.test@berkeley.edu',NULL,NULL,'test','ACTIVE','test', '2010-02-17 16:31:48'); INSERT INTO `cspace`.`tenants` VALUES (1,'1','movingimages.us','eeca40d7-dc77-4cc5-b489-16a53c75525a'); \ No newline at end of file diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountDocumentHandler.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountDocumentHandler.java index 482a14a1b..30ce709f0 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountDocumentHandler.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountDocumentHandler.java @@ -23,14 +23,15 @@ */ package org.collectionspace.services.account.storage; +import java.util.ArrayList; import java.util.List; import java.util.UUID; import org.collectionspace.services.account.AccountsCommon; +import org.collectionspace.services.account.AccountsCommon.Tenant; import org.collectionspace.services.account.AccountsCommonList; import org.collectionspace.services.account.AccountsCommonList.AccountListItem; import org.collectionspace.services.account.Status; import org.collectionspace.services.common.document.AbstractDocumentHandlerImpl; -import org.collectionspace.services.common.document.BadRequestException; import org.collectionspace.services.common.document.DocumentFilter; import org.collectionspace.services.common.document.DocumentWrapper; import org.slf4j.Logger; 
@@ -52,6 +53,7 @@ public class AccountDocumentHandler String id = UUID.randomUUID().toString(); AccountsCommon account = wrapDoc.getWrappedObject(); account.setCsid(id); + account.setStatus(Status.ACTIVE); } @@ -152,6 +154,8 @@ public class AccountDocumentHandler */ private void sanitize(AccountsCommon account) { account.setPassword(null); - + //FIXME once auth mode is mandatory, assume tenant could be retrieved + //from security context, remove tenant info being passed to the consumer + //account.setTenant(new ArrayList(0)); } } diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountStorageClient.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountStorageClient.java index e34f7bdfb..68b9545f7 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountStorageClient.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountStorageClient.java @@ -23,6 +23,7 @@ */ package org.collectionspace.services.account.storage; +import java.util.Date; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Query; @@ -89,6 +90,7 @@ public class AccountStorageClient extends JpaStorageClientImpl { // UserTenant ut = createTenantAssoc(account); // em.persist(ut); // } + account.setCreatedAtItem(new Date()); em.persist(account); em.getTransaction().commit(); handler.complete(Action.CREATE, wrapDoc); 
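Review bot: In the `@@ -152,6 +154,8 @@` hunk, sanitize() still returns the tenant list to the consumer, and the intended fix is recorded only as a FIXME above a commented-out call, `//account.setTenant(new ArrayList(0));`. As far as the visible hunks show, the `java.util.ArrayList` and `AccountsCommon.Tenant` imports added at the top of this file are referenced only by that commented-out line, so they are unused. I would drop the dead line and the two imports, and keep one comment that names the issue tracking the change, e.g. `// FIXME(CSPACE-<id>): strip tenant info here once authentication is mandatory`. Until then, the Javadoc of sanitize() should say that only the password is cleared.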
@@ -139,16 +141,17 @@ public class AccountStorageClient extends JpaStorageClientImpl { em = emf.createEntityManager(); em.getTransaction().begin(); AccountsCommon accountFound = getAccount(em, id); - + Date now = new Date(); checkAllowedUpdates(account, accountFound); //if userid and password are given, add to default id provider - if (account.getUserId() != null && account.getPassword() != null) { - - User userFound = getUser(em, account); - User user = createUser(account); - em.merge(user); + if (account.getUserId() != null && hasPassword(account.getPassword())) { + updateUser(em, account); + } + account = em.merge(account); + account.setUpdatedAtItem(now); + if (logger.isDebugEnabled()) { + logger.debug("merged account=" + account.toString()); } - em.merge(account); em.getTransaction().commit(); handler.complete(Action.UPDATE, wrapDoc); } catch (BadRequestException bre) { @@ -284,11 +287,10 @@ public class AccountStorageClient extends JpaStorageClientImpl { private User createUser(AccountsCommon account) { User user = new User(); user.setUsername(account.getUserId()); - byte[] bpass = Base64.decodeBase64(account.getPassword()); - SecurityUtils.validatePassword(new String(bpass)); - String secEncPasswd = SecurityUtils.createPasswordHash( - account.getUserId(), new String(bpass)); - user.setPasswd(secEncPasswd); + if (hasPassword(account.getPassword())) { + user.setPasswd(getEncPassword(account)); + } + user.setCreatedAtItem(new Date()); return user; } 
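Review bot: In the `@@ -139,16 +141,17 @@` hunk, `account = em.merge(account);` copies the persistent state of the client-supplied object onto the stored row, which now includes created_at. An update payload can therefore overwrite the creation timestamp, or null it and fail the `not null` constraint from account.sql, unless checkAllowedUpdates prevents it; its body is not in this hunk. Carrying the stored value over before the merge keeps the audit field server-controlled, e.g. `account.setCreatedAtItem(accountFound.getCreatedAtItem());`. The added `logger.debug("merged account=" + account.toString());` prints the whole record, so consider logging only the csid. The enclosing update method starts and ends outside the hunk.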
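Review bot: In the `@@ -284,11 +287,10 @@` hunk, createUser now returns a User with no passwd when the account carries none, but authentication.sql in this commit still declares `passwd varchar(128) not null`. Persisting such a user would presumably fail at flush with a constraint violation rather than a clear bad-request error. The callers are outside this hunk, so two cases apply. If the create path already guards with the condition the update path uses, `if (account.getUserId() != null && hasPassword(account.getPassword()))`, the new check inside createUser is redundant and can go. Otherwise the request should be rejected before the User is built.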
@@ -305,6 +307,29 @@ public class AccountStorageClient extends JpaStorageClientImpl { return userFound; } + private void updateUser(EntityManager em, AccountsCommon account) throws Exception { + User userFound = getUser(em, account); + if (userFound != null) { + userFound.setPasswd(getEncPassword(account)); + userFound.setUpdatedAtItem(new Date()); + if (logger.isDebugEnabled()) { + logger.debug("updated user=" + userFound.toString()); + } + em.persist(userFound); + } + } + + private String getEncPassword(AccountsCommon account) { + byte[] bpass = Base64.decodeBase64(account.getPassword()); + SecurityUtils.validatePassword(new String(bpass)); + String secEncPasswd = SecurityUtils.createPasswordHash( + account.getUserId(), new String(bpass)); + return secEncPasswd; + } + + private boolean hasPassword(byte[] bpass) { + return bpass != null && bpass.length > 0; + } // private UserTenant createTenantAssoc(AccountsCommon account) { // UserTenant userTenant = new UserTenant(); // userTenant.setUserId(account.getUserId()); diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java index f6336ba38..6391d067f 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java 
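Review bot: In updateUser, `logger.debug("updated user=" + userFound.toString());` runs right after setPasswd, so if the generated toString() of User includes the passwd field, the password hash reaches the log whenever debug is enabled. Log only the identifier instead, e.g. `logger.debug("updated password for user=" + account.getUserId());`. updateUser also returns silently when getUser yields null, so an update carrying a password could succeed without changing any credential; getUser's body is outside the hunk, so confirm whether it can return null. In getEncPassword, `new String(bpass)` is called twice with the platform default charset. Decoding once into a local with an explicit charset keeps the hash stable across JVMs and avoids a second copy of the clear-text password.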
@@ -79,12 +79,14 @@ public class AccountValidatorHandler implements ValidatorHandler { StringBuilder msgBldr = new StringBuilder("validate() "); boolean invalid = false; - List tl = account.getTenant(); - if (tl == null || tl.size() == 0) { - msgBldr.append("\ntenant : missing information!"); - invalid = true; - } if (action.equals(Action.CREATE)) { + //FIXME tenant would be retrieved from security context once + //authentication is made mandatory, no need for validation + List tl = account.getTenant(); + if (tl == null || tl.size() == 0) { + msgBldr.append("\ntenant : missing information!"); + invalid = true; + } //create specific validation here if (account.getScreenName() == null || account.getScreenName().isEmpty()) { invalid = true; diff --git a/services/authentication/jaxb/pom.xml b/services/authentication/jaxb/pom.xml index 583abbe5f..2aa9d5597 100644 --- a/services/authentication/jaxb/pom.xml +++ b/services/authentication/jaxb/pom.xml @@ -1,14 +1,14 @@ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> org.collectionspace.services.authentication org.collectionspace.services 1.0 - + 4.0.0 org.collectionspace.services org.collectionspace.services.authentication.jaxb @@ -19,7 +19,7 @@ src/main/resources/db/mysql - + org.slf4j slf4j-api @@ -56,6 +56,10 @@ org.hibernate hibernate-entitymanager + + org.jvnet.hyperjaxb3 + hyperjaxb3-ejb-runtime + org.testng testng @@ -94,6 +98,6 @@ - + diff --git a/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd b/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd index 46e3266ba..da3ba5175 100644 --- a/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd +++ b/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd @@ -61,6 +61,25 @@ + + + + + + + + + + + + + + + + + + + 
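Review bot: Moving the tenant check inside the `action.equals(Action.CREATE)` branch means an update payload is no longer validated for tenant information at all, while the update path in AccountStorageClient merges the submitted account as a whole. Unless checkAllowedUpdates (not visible in this commit) blocks it, and depending on how the tenant collection is cascaded on merge, an update could change or drop an account's tenant association. That weakens tenant isolation while authentication is still optional. I would reject tenant data on update rather than ignore it, e.g. `msgBldr.append("\ntenant : cannot be changed!"); invalid = true;` in the update branch when `account.getTenant()` is non-empty. The validate method starts and ends outside the hunk.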
@@ -93,6 +112,24 @@ + + + + + + + + + + + + + + + + + + @@ -131,6 +168,24 @@ + + + + + + + + + + + + + + + + + + diff --git a/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql b/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql index 3827bd2c4..2062f9b84 100644 --- a/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql +++ b/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql @@ -1,6 +1,6 @@ drop table if exists roles; drop table if exists users; drop table if exists users_roles; -create table roles (rolename varchar(200) not null, rolegroup varchar(255) not null, primary key (rolename)); -create table users (username varchar(128) not null, passwd varchar(128) not null, primary key (username)); -create table users_roles (HJID bigint not null auto_increment, rolename varchar(200) not null, username varchar(128) not null, primary key (HJID), unique (username, rolename)); +create table roles (rolename varchar(200) not null, created_at datetime not null, rolegroup varchar(255) not null, updated_at datetime, primary key (rolename)); +create table users (username varchar(128) not null, created_at datetime not null, passwd varchar(128) not null, updated_at datetime, primary key (username)); +create table users_roles (HJID bigint not null auto_increment, created_at datetime not null, rolename varchar(200) not null, updated_at datetime, username varchar(128) not null, primary key (HJID), unique (username, rolename)); diff --git a/services/authentication/pstore/src/main/resources/db/mysql/test_authn.sql b/services/authentication/pstore/src/main/resources/db/mysql/test_authn.sql index 8daa17f59..441a0a412 100644 --- a/services/authentication/pstore/src/main/resources/db/mysql/test_authn.sql +++ b/services/authentication/pstore/src/main/resources/db/mysql/test_authn.sql 
@@ -5,11 +5,11 @@ -- use cspace; -insert into `users` (`username`,`passwd`) VALUES ('test','n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg='); +insert into `users` (`username`,`passwd`, `created_at`) VALUES ('test','n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg=', '2010-02-17 16:31:48'); -insert into `roles` (`rolename`, `rolegroup`) values ('kernel', 'kernel'); -insert into `roles` (`rolename`, `rolegroup`) values ('collections_manager', 'collections'); -insert into `roles` (`rolename`, `rolegroup`) values ('collections_registrar', 'collections'); +insert into `roles` (`rolename`, `rolegroup`, `created_at`) values ('kernel', 'kernel', '2010-02-17 16:31:48'); +insert into `roles` (`rolename`, `rolegroup`, `created_at`) values ('collections_manager', 'collections', '2010-02-17 16:31:48'); +insert into `roles` (`rolename`, `rolegroup`, `created_at`) values ('collections_registrar', 'collections', '2010-02-17 16:31:48'); -insert into `users_roles`(`username`, `rolename`) values ('test', 'collections_manager'); -insert into `users_roles`(`username`, `rolename`) values('admin', 'collections_registrar'); \ No newline at end of file +insert into `users_roles`(`username`, `rolename`, `created_at`) values ('test', 'collections_manager', '2010-02-17 16:31:48'); +insert into `users_roles`(`username`, `rolename`, `created_at`) values('admin', 'collections_registrar', '2010-02-17 16:31:48'); \ No newline at end of file diff --git a/services/pom.xml b/services/pom.xml index 40bb43e02..05087e5fa 100644 --- a/services/pom.xml +++ b/services/pom.xml @@ -220,7 +220,12 @@ hibernate 3.4.0.GA - + + org.jvnet.hyperjaxb3 + + hyperjaxb3-ejb-runtime + 0.5.4 + mysql mysql-connector-java -- 2.47.3