diff --git a/pom.xml b/pom.xml
index aca3231..56ffd53 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,52 +15,6 @@
     <packaging>war</packaging>
 
 
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.1</version>
-                <configuration>
-                    <source>1.8</source>
-                    <target>1.8</target>
-                    <encoding>UTF-8</encoding>
-                </configuration>
-            </plugin>
-
-            <plugin>
-                <artifactId>maven-war-plugin</artifactId>
-                <version>2.6</version>
-                <configuration>
-                    <failOnMissingWebXml>false</failOnMissingWebXml>
-                </configuration>
-            </plugin>
-            <!--<plugin>
-                <groupId>cz.habarta.typescript-generator</groupId>
-                <artifactId>typescript-generator-maven-plugin</artifactId>
-                <version>1.29.366</version>
-                <executions>
-                    <execution>
-                        <id>generate1</id>
-                        <goals>
-                            <goal>generate</goal>
-                        </goals>
-                        <configuration>
-                            <jsonLibrary>jackson2</jsonLibrary>
-                            <outputFileType>implementationFile</outputFileType>
-                            <mapClasses>asClasses</mapClasses>
-                            <classPatterns>
-                                <pattern>eu.dnetlib.domain.data.*</pattern>
-                            </classPatterns>
-                            <outputFile>target/typeScriptClasses.ts</outputFile>
-                            <outputKind>module</outputKind>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>-->
-        </plugins>
-    </build>
-
     <dependencies>
 
         <dependency>
@@ -231,8 +185,13 @@
             <version>LATEST</version>
         </dependency>
 
+        <dependency>
+            <groupId>commons-fileupload</groupId>
+            <artifactId>commons-fileupload</artifactId>
+            <version>LATEST</version>
+        </dependency>
 
-        <!--<dependency>
+        <dependency>
             <groupId>org.mitre</groupId>
             <artifactId>openid-connect-client</artifactId>
             <version>1.3.0</version>
@@ -242,21 +201,117 @@
                     <artifactId>jcl-over-slf4j</artifactId>
                 </exclusion>
             </exclusions>
-        </dependency>-->
+        </dependency>
 
-        <!--<dependency>
+
+        <dependency>
             <groupId>org.springframework.session</groupId>
             <artifactId>spring-session-data-redis</artifactId>
             <version>1.3.1.RELEASE</version>
             <type>pom</type>
         </dependency>
+        <!-- https://mvnrepository.com/artifact/redis.clients/jedis -->
         <dependency>
-            <groupId>biz.paluch.redis</groupId>
-            <artifactId>lettuce</artifactId>
-            <version>3.5.0.Final</version>
-        </dependency>-->
-
+            <groupId>redis.clients</groupId>
+            <artifactId>jedis</artifactId>
+            <version>2.9.0</version>
+        </dependency>
 
     </dependencies>
 
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.1</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                    <encoding>UTF-8</encoding>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <artifactId>maven-war-plugin</artifactId>
+                <version>2.6</version>
+                <configuration>
+                    <failOnMissingWebXml>false</failOnMissingWebXml>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>com.googlecode.maven-download-plugin</groupId>
+                <artifactId>download-maven-plugin</artifactId>
+                <version>1.3.0</version>
+                <executions>
+                    <execution>
+                        <phase>process-resources</phase>
+                        <goals>
+                            <goal>wget</goal>
+                        </goals>
+                        <configuration>
+                            <url>
+                                https://github.com/ostranme/swagger-ui-themes/archive/v3.0.0.zip
+                            </url>
+                            <unpack>true</unpack>
+                            <outputDirectory>${project.build.directory}</outputDirectory>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-antrun-plugin</artifactId>
+                <version>1.8</version>
+                <executions>
+                    <execution>
+                        <phase>prepare-package</phase>
+                        <!--<goals>
+                            <goal>run</goal>
+                        </goals>-->
+                        <configuration>
+                            <tasks>
+                                <sequential>
+                                    <echo>Add theme</echo>
+                                    <replace token="&lt;/head&gt;"
+                                             value="&lt;link href='webjars/springfox-swagger-ui/themes/2.x/theme-feeling-blue.css' rel=&quot;stylesheet&quot;/&gt;&lt;/head&gt;"
+                                             dir="${project.build.directory}/classes/META-INF/resources">
+                                        <include name="swagger-ui.html"/>
+                                    </replace>
+                                </sequential>
+                            </tasks>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+
+            <!--<plugin>
+                <groupId>cz.habarta.typescript-generator</groupId>
+                <artifactId>typescript-generator-maven-plugin</artifactId>
+                <version>1.29.366</version>
+                <executions>
+                    <execution>
+                        <id>generate1</id>
+                        <goals>
+                            <goal>generate</goal>
+                        </goals>
+                        <configuration>
+                            <jsonLibrary>jackson2</jsonLibrary>
+                            <outputFileType>implementationFile</outputFileType>
+                            <mapClasses>asClasses</mapClasses>
+                            <classPatterns>
+                                <pattern>eu.dnetlib.domain.data.*</pattern>
+                            </classPatterns>
+                            <outputFile>target/typeScriptClasses.ts</outputFile>
+                            <outputKind>module</outputKind>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>-->
+        </plugins>
+    </build>
+
+
 </project>
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/utils/Config.java b/src/main/java/eu/dnetlib/repo/manager/service/config/Config.java
similarity index 57%
rename from src/main/java/eu/dnetlib/repo/manager/service/utils/Config.java
rename to src/main/java/eu/dnetlib/repo/manager/service/config/Config.java
index e5e2c39..53b15bb 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/utils/Config.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/config/Config.java
@@ -1,28 +1,28 @@
-/*
-package eu.dnetlib.repo.manager.service.utils;
+package eu.dnetlib.repo.manager.service.config;
 
+import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
-import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.http.CookieSerializer;
 import org.springframework.session.web.http.DefaultCookieSerializer;
 
 import javax.annotation.PostConstruct;
-import java.util.logging.Logger;
 
 @Configuration
 @EnableRedisHttpSession
-@PropertySource(value = { "classpath:eu/dnetlib/repo/manager/service/application.properties", "classpath:application.properties"} )
-@ComponentScan(basePackages = "eu.dnetlib.repo.manager")
+@PropertySource(value = { "classpath:eu/dnetlib/repo/manager/service/application.properties"} )
+@ComponentScan(basePackages = "eu.dnetlib.repo.manager.service.controllers")
+
 public class Config {
 
-    private static Logger LOGGER = Logger.getLogger(String.valueOf(Config.class));
+    private static Logger LOGGER = Logger.getLogger(Config.class);
 
-    @Value("${redis.host}")
+    @Value("${redis.host:194.177.192.121}")
     private String host;
 
     @Value("${redis.port:6379}")
@@ -37,11 +37,13 @@ public class Config {
     }
 
     @Bean
-    public LettuceConnectionFactory connectionFactory() {
-        LOGGER.info(String.format("Redis connection listens to %s:%s",host,port));
-        LettuceConnectionFactory factory = new LettuceConnectionFactory(host,Integer.parseInt(port));
-        if(password != null) factory.setPassword(password);
-        return factory;
+    JedisConnectionFactory connectionFactory() {
+        LOGGER.info(String.format("Redis : %s Port : %s Password : %s",host,port,password));
+        JedisConnectionFactory jedisConnectionFactory = new JedisConnectionFactory();
+        jedisConnectionFactory.setHostName(host);
+        jedisConnectionFactory.setPort(Integer.parseInt(port));
+        if(password != null) jedisConnectionFactory.setPassword(password);
+        return jedisConnectionFactory;
     }
 
     @Bean
@@ -49,8 +51,8 @@ public class Config {
         DefaultCookieSerializer serializer = new DefaultCookieSerializer();
         serializer.setCookieName("SESSION"); // <1>
         serializer.setCookiePath("/"); // <2>
+        LOGGER.info("Serializer : " + serializer);
         return serializer;
     }
 
 }
-*/
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/utils/FrontEndLinkURIAuthenticationSuccessHandler.java b/src/main/java/eu/dnetlib/repo/manager/service/config/FrontEndLinkURIAuthenticationSuccessHandler.java
similarity index 76%
rename from src/main/java/eu/dnetlib/repo/manager/service/utils/FrontEndLinkURIAuthenticationSuccessHandler.java
rename to src/main/java/eu/dnetlib/repo/manager/service/config/FrontEndLinkURIAuthenticationSuccessHandler.java
index c5de3be..9890080 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/utils/FrontEndLinkURIAuthenticationSuccessHandler.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/config/FrontEndLinkURIAuthenticationSuccessHandler.java
@@ -1,10 +1,11 @@
-/*
-package eu.dnetlib.repo.manager.service.utils;
+package eu.dnetlib.repo.manager.service.config;
 
+import org.apache.log4j.Logger;
 import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 
+import javax.annotation.PostConstruct;
 import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
@@ -15,8 +16,20 @@ public class FrontEndLinkURIAuthenticationSuccessHandler implements Authenticati
 
     private String frontEndURI;
 
+    private static final Logger LOGGER = Logger
+            .getLogger(FrontEndLinkURIAuthenticationSuccessHandler.class);
+
+    @PostConstruct
+    public void init(){
+        LOGGER.debug(frontEndURI);
+    }
+
     @Override
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+
+        LOGGER.info(request);
+        LOGGER.info(response);
+
         OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
         Cookie sessionCookie = new Cookie("currentUser", authOIDC.getSub());
         int expireSec = -1;
@@ -35,4 +48,3 @@ public class FrontEndLinkURIAuthenticationSuccessHandler implements Authenticati
     }
 }
 
-*/
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApi.java b/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApi.java
index 0321348..04bddf5 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApi.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApi.java
@@ -94,6 +94,11 @@ public interface RepositoryApi {
     @ResponseBody
     List<Timezone> getTimezones();
 
+    @RequestMapping(value = "/updateRepository", method = RequestMethod.POST,
+            produces = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseBody
+    Repository updateRepository(Repository repository);
+
     @RequestMapping(value = "/updateManagedStatus", method = RequestMethod.POST,
             produces = MediaType.APPLICATION_JSON_VALUE)
     @ResponseBody
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApiImpl.java b/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApiImpl.java
index a63ef55..039196c 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApiImpl.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/controllers/RepositoryApiImpl.java
@@ -337,12 +337,15 @@ public class RepositoryApiImpl implements RepositoryApi {
         return repository;
     }
 
-    private void updateRepository(Repository repository) {
-        this.updateRegisteredByValue(repository.getId(),repository.getRegisteredBy());
-        this.updateEnglishName(repository.getId(),repository.getOfficialName(),repository.getEnglishName());
-        this.updateLogoUrl(repository.getId(),repository.getLogoUrl());
-        this.updateTimezone(repository.getId(), String.valueOf(repository.getTimezone()));
-        //TODO update datasource type
+    @Override
+    public Repository updateRepository(@RequestBody Repository repository) {
+        /*UriComponents uriComponents = UriComponentsBuilder
+                .fromHttpUrl(baseAddress + "/ds/update/")
+                .build()
+                .encode();*/
+        return null;
+
+
     }
 
     private void updateRegisteredByValue(String id, String registeredBy) {
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApi.java b/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApi.java
index 37e3ac5..475fddc 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApi.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApi.java
@@ -1,23 +1,18 @@
-/*
 package eu.dnetlib.repo.manager.service.controllers;
 
 import io.swagger.annotations.Api;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 @RestController
 @RequestMapping(value = "/user")
 @Api(description = "User API",  tags = {"user"})
 public interface UserApi {
 
     @RequestMapping(value = "/login" , method = RequestMethod.GET)
-    void login(HttpServletRequest req,
-               HttpServletResponse resp);
+    ResponseEntity<Object> login();
 
 
 }
-*/
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApiImpl.java b/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApiImpl.java
index f766512..603162c 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApiImpl.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApiImpl.java
@@ -1,11 +1,18 @@
-/*
 package eu.dnetlib.repo.manager.service.controllers;
 
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
 
 @Component
 public class UserApiImpl implements UserApi {
@@ -17,11 +24,20 @@ public class UserApiImpl implements UserApi {
     private String oidc_issuer;
 
     @Override
-    public void login(HttpServletRequest req,
-                      HttpServletResponse resp) {
-        LOGGER.debug(oidc_issuer);
-        resp.setStatus(HttpServletResponse.SC_FOUND);
-        resp.setHeader("Location", oidc_issuer);
+    @PreAuthorize("hasRole('ROLE_USER')")
+    public ResponseEntity<Object> login() {
+        OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
+        LOGGER.debug("User authentication : " + authentication);
+        Map<String,Object> body = new HashMap<>();
+        body.put("sub",authentication.getSub());
+        if(authentication.getUserInfo().getName() == null || authentication.getUserInfo().getName().equals("")) {
+            body.put("name",authentication.getUserInfo().getGivenName() + " " + authentication.getUserInfo().getFamilyName());
+        } else {
+            body.put("name",authentication.getUserInfo().getName());
+        }
+        body.put("email",authentication.getUserInfo().getEmail());
+        List<String> roles = authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
+        body.put("role",roles);
+        return new ResponseEntity<>(body, HttpStatus.OK);
     }
 }
-*/
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/utils/OMTDAuthoritiesMapper.java b/src/main/java/eu/dnetlib/repo/manager/service/utils/OMTDAuthoritiesMapper.java
new file mode 100644
index 0000000..56bb73d
--- /dev/null
+++ b/src/main/java/eu/dnetlib/repo/manager/service/utils/OMTDAuthoritiesMapper.java
@@ -0,0 +1,41 @@
+package eu.dnetlib.repo.manager.service.utils;
+
+import com.nimbusds.jwt.JWT;
+import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
+import org.mitre.openid.connect.model.UserInfo;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import java.util.*;
+
+public class OMTDAuthoritiesMapper implements OIDCAuthoritiesMapper {
+
+    private static Logger logger = LoggerFactory.getLogger(OMTDAuthoritiesMapper.class);
+
+    final private static String ROLE_CLAIMS = "edu_person_entitlements";
+
+    private Map<String,SimpleGrantedAuthority> userRolesMap;
+
+    OMTDAuthoritiesMapper(Map<String,String> userRoles) {
+        userRolesMap = new HashMap<>();
+        userRoles.forEach((omtdRole, appRole) -> userRolesMap.put(omtdRole, new SimpleGrantedAuthority(appRole)));
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo) {
+        Set<GrantedAuthority> out = new HashSet<>();
+        out.add(new SimpleGrantedAuthority("ROLE_USER"));
+        if(userInfo.getSource().getAsJsonArray(ROLE_CLAIMS) != null) {
+            userInfo.getSource().getAsJsonArray(ROLE_CLAIMS).forEach(role -> {
+                SimpleGrantedAuthority authority = userRolesMap.get(role.getAsString());
+                if (authority != null) {
+                    logger.debug("Role mapped " + role);
+                    out.add(authority);
+                }
+            });
+        }
+        return out;
+    }
+}
\ No newline at end of file
diff --git a/src/main/resources/application-context.xml b/src/main/resources/application-context.xml
index 6cc37b1..8e94317 100644
--- a/src/main/resources/application-context.xml
+++ b/src/main/resources/application-context.xml
@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans"
-               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
-               xmlns:context="http://www.springframework.org/schema/context"
-               xmlns:task="http://www.springframework.org/schema/task" xmlns:tx="http://www.springframework.org/schema/tx"
-               xsi:schemaLocation="http://www.springframework.org/schema/beans
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:task="http://www.springframework.org/schema/task" xmlns:tx="http://www.springframework.org/schema/tx"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
                http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
         	http://www.springframework.org/schema/context
         	http://www.springframework.org/schema/context/spring-context-4.0.xsd
@@ -27,6 +27,8 @@
     <import resource="classpath*:/eu/dnetlib/repos/springContext-repos-dms-cached.xml"/>-->
 
     <context:property-placeholder location="classpath*:/eu/**/application.properties" />
+    <context:annotation-config/>
+    <context:component-scan base-package="eu.dnetlib.repo.manager.service.config"/>
     <tx:annotation-driven transaction-manager="txManager"/>
 
     <bean class="eu.dnetlib.repo.manager.service.config.CascadingPropertyLoader" id="propertyLoader">
diff --git a/src/main/resources/eu/dnetlib/repo/manager/service/aai-security.xml b/src/main/resources/eu/dnetlib/repo/manager/service/aai-security.xml
deleted file mode 100644
index a444c48..0000000
--- a/src/main/resources/eu/dnetlib/repo/manager/service/aai-security.xml
+++ /dev/null
@@ -1,179 +0,0 @@
-<!--
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xmlns:security="http://www.springframework.org/schema/security"
-       xmlns:util="http://www.springframework.org/schema/util" xmlns:task="http://www.springframework.org/schema/task"
-       xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
-       xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
-		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
-		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
-
-		  http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"
-       default-autowire="byType">
-
-
-    <bean id="webexpressionHandler"
-          class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
-
-    <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"
-                                     authentication-manager-ref="authenticationManager"/>
-
-    <security:http auto-config="false" use-expressions="true"
-                   disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"
-                   pattern="/**">
-
-    <security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" />
-
-    <security:logout />
-
-    </security:http>
-
-    <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
-    <constructor-arg type="java.lang.String" value="/openid_connect_login"/>
-    </bean>
-
-    <security:authentication-manager alias="authenticationManager">
-    <security:authentication-provider ref="openIdConnectAuthenticationProvider" />
-    </security:authentication-manager>
-
-    <bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
-    <property name="authoritiesMapper">
-        <bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper">
-            <property name="admins" ref="namedAdmins" />
-        </bean>
-    </property>
-    </bean>
-
-    <util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
-    &lt;!&ndash;
-        This is an example of how quantity set up a user as an administrator: they'll be given ROLE_ADMIN in addition quantity ROLE_USER.
-        Note that having an administrator role on the IdP doesn't grant administrator access on this client.
-        These are values from the demo "openid-connect-server-webapp" project of MITREid Connect.
-    &ndash;&gt;
-    <bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
-        <constructor-arg name="subject" value="90342.ASDFJWFA" />
-        <constructor-arg name="issuer" value="${oidc.issuer}" />
-    </bean>
-    </util:set>
-
-    <bean class="eu.dnetlib.repo.manager.service.utils.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect">
-    <property name="frontEndURI" value="${webapp.front}"/>
-    </bean>
-            &lt;!&ndash;
-              -
-              - The authentication filter
-              -
-              &ndash;&gt;
-    <bean id="openIdConnectAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
-    <property name="authenticationManager" ref="authenticationManager" />
-
-    <property name="issuerService" ref="staticIssuerService" />
-    <property name="serverConfigurationService" ref="staticServerConfigurationService" />
-    <property name="clientConfigurationService" ref="staticClientConfigurationService" />
-    <property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" />
-    <property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" />
-    <property name="authenticationSuccessHandler" ref="frontEndRedirect"/>
-
-    </bean>
-
-
-
-            &lt;!&ndash;
-              -
-              -	Issuer Services: Determine which identity provider issuer is used.
-              -
-              &ndash;&gt;
-
-
-            &lt;!&ndash;
-                Static issuer service, returns the same issuer for every request.
-            &ndash;&gt;
-    <bean class="org.mitre.openid.connect.client.service.impl.StaticSingleIssuerService" id="staticIssuerService">
-    <property name="issuer" value="${oidc.issuer}" />
-    </bean>
-
-    <bean class="org.mitre.openid.connect.client.service.impl.HybridIssuerService" id="hybridIssuerService">
-    <property name="loginPageUrl" value="login" />
-    <property name="forceHttps" value="false" /> &lt;!&ndash; this default property forces the webfinger issuer URL quantity be HTTPS, turn off for development work &ndash;&gt;
-    </bean>
-
-            &lt;!&ndash;
-                Dynamic server configuration, fetches the server's information using OIDC Discovery.
-            &ndash;&gt;
-    <bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService" id="staticServerConfigurationService">
-    <property name="servers">
-        <map>
-            <entry key="${oidc.issuer}">
-                <bean class="org.mitre.openid.connect.config.ServerConfiguration">
-                    <property name="issuer" value="${oidc.issuer}" />
-                    <property name="authorizationEndpointUri"	value="${oidc.issuer}authorize" />
-                    <property name="tokenEndpointUri"	value="${oidc.issuer}token" />
-                    <property name="userInfoUri" value="${oidc.issuer}userinfo" />
-                    <property name="jwksUri" value="${oidc.issuer}jwk" />
-                    <property name="revocationEndpointUri" value="${oidc.issuer}revoke" />
-                </bean>
-            </entry>
-        </map>
-    </property>
-    </bean>
-
-
-            &lt;!&ndash;
-               Static Client Configuration. Configures a client statically by storing configuration on a per-issuer basis.
-           &ndash;&gt;
-
-    <bean class="org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService" id="staticClientConfigurationService">
-    <property name="clients">
-        <map>
-            <entry key="${oidc.issuer}">
-                <bean class="org.mitre.oauth2.model.RegisteredClient">
-                    <property name="clientId" value="${oidc.id}" />
-                    <property name="clientSecret" value="${oidc.secret}" />
-                    <property name="scope">
-                        <set value-type="java.lang.String">
-                            <value>openid</value>
-                        </set>
-                    </property>
-                    <property name="tokenEndpointAuthMethod" value="SECRET_BASIC" />
-                    <property name="redirectUris">
-                        <set>
-                            <value>${webapp.home}</value>
-                        </set>
-                    </property>
-                </bean>
-            </entry>
-        </map>
-    </property>
-    </bean>
-
-
-            &lt;!&ndash;
-              -
-              -	Auth request options service: returns the optional components of the request
-              -
-              &ndash;&gt;
-    <bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService">
-    <property name="options">
-        <map>
-            &lt;!&ndash; Entries in this map are sent as key-value parameters quantity the auth request &ndash;&gt;
-            &lt;!&ndash;
-            <entry key="display" value="page" />
-            <entry key="max_age" value="30" />
-            <entry key="prompt" value="none" />
-            &ndash;&gt;
-        </map>
-    </property>
-    </bean>
-
-            &lt;!&ndash;
-              -
-              - Authorization URL Builders: create the URL quantity redirect the user quantity for authorization.
-              -
-              &ndash;&gt;
-
-            &lt;!&ndash;
-                Plain authorization request builder, puts all options as query parameters on the GET request
-            &ndash;&gt;
-    <bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" />
-</beans>-->
diff --git a/src/main/resources/eu/dnetlib/repo/manager/service/application.properties b/src/main/resources/eu/dnetlib/repo/manager/service/application.properties
index bc135bd..63dbf32 100644
--- a/src/main/resources/eu/dnetlib/repo/manager/service/application.properties
+++ b/src/main/resources/eu/dnetlib/repo/manager/service/application.properties
@@ -101,12 +101,14 @@ topic_types.url = https://beta.services.openaire.eu/provision/mvc/vocabularies/d
 oidc.issuer = https://aai.openminted.eu/oidc/
 oidc.id = 24e83176-1312-4ba3-bc0b-ffeebea1603e
 oidc.secret = U_gLOupYu2trYIOwfxGgZkkZoOHG_zGfaViOUsXcZ7qVQuF1rcJeQYKIDX1TY3z27CIoHaqq9ht2rmAiUmBRYQ
-webapp.home = http://localhost:8380/repomanager-service/openid_connect_login
-webapp.front=http://localhost:8380/
+oidc.home = http://194.177.192.121:8380/repomanager-service-dev/openid_connect_login
+webapp.home = http://194.177.192.121:8380/repomanager-service-dev/openid_connect_login
+webapp.dev.front = http://195.134.66.230:3000
 
-redis.host = 83.212.101.85
-#redis.port = 6379
-#redis.password
+
+redis.host = 194.177.192.121
+redis.port = 6379
+redis.password = E#Szvnidd
 
 services.repomanager.usageStatisticsDiagramsBaseURL = https://beta.openaire.eu/stats3/
 services.repomanager.usageStatisticsNumbersBaseURL = https://beta.services.openaire.eu/usagestats/datasources/
diff --git a/src/main/webapp/WEB-INF/aai-security.xml b/src/main/webapp/WEB-INF/aai-security.xml
new file mode 100644
index 0000000..3fad77b
--- /dev/null
+++ b/src/main/webapp/WEB-INF/aai-security.xml
@@ -0,0 +1,158 @@
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:security="http://www.springframework.org/schema/security"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
+		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd"
+       default-autowire="byType">
+
+    <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
+        <property name="maxUploadSize" value="268435456"/>
+    </bean>
+
+    <bean id="webexpressionHandler"
+          class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
+
+    <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true" authentication-manager-ref="authenticationManager"/>
+
+    <security:http auto-config="false" use-expressions="true"
+                   disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"
+                   pattern="/**">
+
+        <security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" />
+
+        <security:logout />
+
+    </security:http>
+
+    <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
+        <constructor-arg type="java.lang.String" value="/openid_connect_login"/>
+    </bean>
+
+    <security:authentication-manager alias="authenticationManager">
+        <security:authentication-provider ref="openIdConnectAuthenticationProvider" />
+    </security:authentication-manager>
+
+    <bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
+        <property name="authoritiesMapper">
+            <bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper">
+                <property name="admins" ref="namedAdmins" />
+            </bean>
+        </property>
+    </bean>
+
+    <util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
+        <!--
+            This is an example of how to set up a user as an administrator: they'll be given ROLE_ADMIN in addition to ROLE_USER.
+            Note that having an administrator role on the IdP doesn't grant administrator access on this client.
+
+            These are values from the demo "openid-connect-server-webapp" project of MITREid Connect.
+        -->
+        <bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
+            <constructor-arg name="subject" value="subject_value" />
+            <constructor-arg name="issuer" value="${oidc.issuer}" />
+        </bean>
+    </util:set>
+
+
+    <bean class="eu.dnetlib.repo.manager.service.config.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect">
+        <property name="frontEndURI" value="${webapp.dev.front}"/>
+    </bean>
+
+    <!--
+      -
+      - The authentication filter
+      -
+      -->
+    <bean id="openIdConnectAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
+        <property name="authenticationManager" ref="authenticationManager" />
+
+        <property name="issuerService" ref="staticIssuerService" />
+        <property name="serverConfigurationService" ref="staticServerConfigurationService" />
+        <property name="clientConfigurationService" ref="staticClientConfigurationService" />
+        <property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" />
+        <property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" />
+        <property name="authenticationSuccessHandler" ref="frontEndRedirect"/>
+
+    </bean>
+
+    <!--
+        Static issuer service, returns the same issuer for every request.
+    -->
+    <bean class="org.mitre.openid.connect.client.service.impl.StaticSingleIssuerService" id="staticIssuerService">
+        <property name="issuer" value="${oidc.issuer}" />
+    </bean>
+
+    <!--
+        Dynamic server configuration, fetches the server's information using OIDC Discovery.
+    -->
+    <bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService" id="staticServerConfigurationService">
+        <property name="servers">
+            <map>
+                <entry key="${oidc.issuer}">
+                    <bean class="org.mitre.openid.connect.config.ServerConfiguration">
+                        <property name="issuer" value="${oidc.issuer}" />
+                        <property name="authorizationEndpointUri"	value="${oidc.issuer}authorize" />
+                        <property name="tokenEndpointUri"	value="${oidc.issuer}token" />
+                        <property name="userInfoUri" value="${oidc.issuer}userinfo" />
+                        <property name="jwksUri" value="${oidc.issuer}jwk" />
+                        <property name="revocationEndpointUri" value="${oidc.issuer}revoke" />
+                    </bean>
+                </entry>
+            </map>
+        </property>
+    </bean>
+
+
+    <!--
+       Static Client Configuration. Configures a client statically by storing configuration on a per-issuer basis.
+    -->
+    <bean class="org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService" id="staticClientConfigurationService">
+        <property name="clients">
+            <map>
+                <entry key="${oidc.issuer}">
+                    <bean class="org.mitre.oauth2.model.RegisteredClient">
+                        <property name="clientId" value="${oidc.id}" />
+                        <property name="clientSecret" value="${oidc.secret}" />
+                        <property name="scope">
+                            <set value-type="java.lang.String">
+                                <value>openid</value>
+                            </set>
+                        </property>
+                        <property name="tokenEndpointAuthMethod" value="SECRET_BASIC" />
+                        <property name="redirectUris">
+                            <set>
+                                <value>${oidc.home}</value>
+                            </set>
+                        </property>
+                    </bean>
+                </entry>
+            </map>
+        </property>
+    </bean>
+
+
+    <!--
+      -
+      -	Auth request options service: returns the optional components of the request
+      -
+      -->
+    <bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService">
+        <property name="options">
+            <map>
+                <!-- Entries in this map are sent as key-value parameters to the auth request -->
+                <!--
+                <entry key="display" value="page" />
+                <entry key="max_age" value="30" />
+                <entry key="prompt" value="none" />
+                -->
+            </map>
+        </property>
+    </bean>
+
+    <!--
+        Plain authorization request builder, puts all options as query parameters on the GET request
+    -->
+    <bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" />
+</beans>
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/applicationContext.xml b/src/main/webapp/WEB-INF/applicationContext.xml
index e47bdab..b3584af 100644
--- a/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/src/main/webapp/WEB-INF/applicationContext.xml
@@ -90,4 +90,4 @@
     <mvc:resources mapping="swagger-ui.html" location="classpath:/META-INF/resources/"/>
     <mvc:resources mapping="/webjars/**" location="classpath:/META-INF/resources/webjars/"/>
     <bean class="eu.dnetlib.repo.manager.service.config.SwaggerConfig"/>
-</beans>
+</beans>
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/log4j.properties b/src/main/webapp/WEB-INF/log4j.properties
index f7c2cf9..9446c5a 100644
--- a/src/main/webapp/WEB-INF/log4j.properties
+++ b/src/main/webapp/WEB-INF/log4j.properties
@@ -11,16 +11,14 @@ log4j.logger.com.opensymphony.xwork2.ObjectFactory = FATAL
 log4j.logger.eu.dnetlib.repo.manager=DEBUG
 
 log4j.appender.R=org.apache.log4j.RollingFileAppender
-#log4j.appender.R.File=/var/log/dnet/repo-manager/repo-manager-gui.log
-log4j.appender.R.File=/tmp/repo-manager-service.log
+log4j.appender.R.File=/var/log/dnet45/repomanager-service-dev/repomanager-service.log
 log4j.appender.R.MaxFileSize=10MB
 log4j.appender.R.MaxBackupIndex=10
 log4j.appender.R.layout=org.apache.log4j.PatternLayout
 log4j.appender.R.layout.ConversionPattern= %d %p %t [%c] - %m%n
 
 log4j.appender.S=org.apache.log4j.RollingFileAppender
-#log4j.appender.S.File=/var/log/dnet/repo-manager/repo-manager-gui-spring.log
-log4j.appender.S.File=/tmp/repo-manager-service-spring.log
+log4j.appender.S.File=/var/log/dnet45/repomanager-service-dev/repomanager-service-spring.log
 log4j.appender.S.MaxFileSize=10MB
 log4j.appender.S.MaxBackupIndex=10
 log4j.appender.S.layout=org.apache.log4j.PatternLayout
diff --git a/src/main/webapp/WEB-INF/spring-servlet.xml b/src/main/webapp/WEB-INF/spring-servlet.xml
index eb812c8..d5d75c6 100644
--- a/src/main/webapp/WEB-INF/spring-servlet.xml
+++ b/src/main/webapp/WEB-INF/spring-servlet.xml
@@ -2,15 +2,15 @@
 <beans:beans xmlns="http://www.springframework.org/schema/mvc"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xmlns:beans="http://www.springframework.org/schema/beans"
-             xmlns:task="http://www.springframework.org/schema/task"
              xmlns:mvc="http://www.springframework.org/schema/mvc"
              xmlns:context="http://www.springframework.org/schema/context"
              xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
-		http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd
+
 		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
 
-    <context:property-placeholder location="classpath*:/eu/**/application.properties" />
     <context:annotation-config/>
+    <context:property-placeholder location="classpath*:/eu/**/application.properties" />
     <context:component-scan base-package="eu.dnetlib.repo.manager.service.controllers"/>
-    <mvc:annotation-driven/>
+    <mvc:annotation-driven />
+
 </beans:beans>
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index b9df1da..8804f55 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -1,9 +1,53 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd
-http://xmlns.jcp.org/xml/ns/javaee "
-         version="3.1">
+<web-app>
+
+    <listener>
+        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+    </listener>
+    <listener>
+        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
+    </listener>
+
+    <context-param>
+        <param-name>contextConfigLocation</param-name>
+        <param-value>
+            /WEB-INF/applicationContext.xml
+            /WEB-INF/aai-security.xml
+        </param-value>
+    </context-param>
+    <context-param>
+        <param-name>log4jConfigLocation</param-name>
+        <param-value>/WEB-INF/log4j.properties</param-value>
+    </context-param>
+    <context-param>
+        <param-name>log4jRefreshInterval</param-name>
+        <param-value>1000</param-value>
+    </context-param>
+    <context-param>
+        <param-name>log4jExposeWebAppRoot</param-name>
+        <param-value>false</param-value>
+    </context-param>
+
+    <servlet>
+        <servlet-name>spring</servlet-name>
+        <servlet-class>
+            org.springframework.web.servlet.DispatcherServlet
+        </servlet-class>
+        <init-param>
+            <param-name>throwExceptionIfNoHandlerFound</param-name>
+            <param-value>true</param-value>
+        </init-param>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+
+    <filter>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+        <init-param>
+            <param-name>contextAttribute</param-name>
+            <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.spring</param-value>
+        </init-param>
+    </filter>
 
     <filter>
         <filter-name>CorsFilter</filter-name>
@@ -27,45 +71,24 @@ http://xmlns.jcp.org/xml/ns/javaee "
         <url-pattern>/*</url-pattern>
     </filter-mapping>
 
-    <context-param>
-        <param-name>log4jConfigLocation</param-name>
-        <param-value>/WEB-INF/log4j.properties</param-value>
-    </context-param>
-    <context-param>
-        <param-name>log4jRefreshInterval</param-name>
-        <param-value>1000</param-value>
-    </context-param>
-    <context-param>
-        <param-name>log4jExposeWebAppRoot</param-name>
-        <param-value>false</param-value>
-    </context-param>
-    <listener>
-        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-    </listener>
+    <filter>
+        <filter-name>springSessionRepositoryFilter</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>springSessionRepositoryFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+        <dispatcher>REQUEST</dispatcher>
+        <dispatcher>ERROR</dispatcher>
+    </filter-mapping>
 
-
-    <listener>
-        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-    </listener>
-
-    <context-param>
-        <param-name>contextConfigLocation</param-name>
-        <param-value>/WEB-INF/applicationContext.xml
-        </param-value>
-    </context-param>
-
-
-    <servlet>
-        <servlet-name>spring</servlet-name>
-        <servlet-class>
-            org.springframework.web.servlet.DispatcherServlet
-        </servlet-class>
-        <load-on-startup>1</load-on-startup>
-    </servlet>
+    <filter-mapping>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
 
     <servlet-mapping>
         <servlet-name>spring</servlet-name>
         <url-pattern>/</url-pattern>
     </servlet-mapping>
-
-</web-app>
\ No newline at end of file
+</web-app>