diff --git a/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpoint.java b/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpoint.java
index aa67fe8..4bf6121 100644
--- a/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpoint.java
+++ b/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpoint.java
@@ -16,6 +16,9 @@ public final class AuthorizationEndpoint implements Comparable<AuthorizationEndp
 	@XmlAttribute
 	private String infrastructure;
 	
+	@XmlAttribute(name="cacheValidityInMillis") 
+	long clientCacheValidity = 10*60*1000; //10 minutes
+			
 	@XmlElement
 	private String host;
 	
@@ -55,6 +58,10 @@ public final class AuthorizationEndpoint implements Comparable<AuthorizationEndp
 	public int getPriority() {
 		return priority;
 	}
+	
+	public long getClientCacheValidity() {
+		return clientCacheValidity;
+	}
 
 	@Override
 	public int compareTo(AuthorizationEndpoint o) {
diff --git a/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpointScanner.java b/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpointScanner.java
index 63cacb8..4ac9106 100644
--- a/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpointScanner.java
+++ b/src/main/java/org/gcube/common/authorization/library/enpoints/AuthorizationEndpointScanner.java
@@ -17,38 +17,47 @@ public class AuthorizationEndpointScanner {
 
 	private static Logger log = LoggerFactory.getLogger(AuthorizationEndpointScanner.class);
 
-	private static Map<Integer, AuthorizationEndpoint> endpoints;
+	private static EndpointsContainer endpoints;
 
 	/**
 	 * The path used to find service map configuration files.
 	 */
-	static final String configurationPattern = "authorization-endpoint.xml";
+	static final String configurationPattern = ".*\\.authorization";
 
 	/**
 	 * Scans the classpath for {@link ServiceMap}s.
 	 */
-	public static synchronized Map<Integer, AuthorizationEndpoint> endpoints() {
+	public static synchronized EndpointsContainer endpoints() {
 
-		if (endpoints==null || endpoints.size()==0){
-			endpoints = new HashMap<Integer, AuthorizationEndpoint>();
+		if (endpoints==null || endpoints.getEndpoints().size()==0){
+			Map<Integer, AuthorizationEndpoint> endpointsMap = new HashMap<Integer, AuthorizationEndpoint>();
 			
 			try {
 
 				JAXBContext context = JAXBContext.newInstance(AuthorizationEndpoint.class);
 				Unmarshaller um = context.createUnmarshaller();
-
+				
+				String defaultInfrastructure = null;
+				
 				ClasspathScanner scanner = ClasspathScannerFactory.scanner();
 				for (ClasspathResource r : scanner.scan(new NameMatcher(configurationPattern))){
 					AuthorizationEndpoint endpoint = (AuthorizationEndpoint)um.unmarshal(r.stream());
-					if (!endpoints.containsKey(endpoint.getInfrastructure()) 
-							|| endpoints.get(endpoint.getInfrastructure()).getPriority()> endpoint.getPriority())
-						endpoints.put(endpoint.getInfrastructure().hashCode(), endpoint);
+					if (defaultInfrastructure==null)
+						defaultInfrastructure = endpoint.getInfrastructure();
+					
+					if (!endpointsMap.containsKey(endpoint.getInfrastructure()) 
+							|| endpointsMap.get(endpoint.getInfrastructure()).getPriority()> endpoint.getPriority()){
+						if ((r.name()).startsWith("default"))
+							defaultInfrastructure = endpoint.getInfrastructure();
+						endpointsMap.put(endpoint.getInfrastructure().hashCode(), endpoint);
+					}
 					
 					log.info("loaded endpoint {} ",endpoint.toString());
 				}
-				if (endpoints.size()==0)
+				
+				if (endpointsMap.size()==0)
 					throw new Exception("no endpoints retreived");
-			
+				endpoints = new EndpointsContainer(endpointsMap, defaultInfrastructure);
 			} catch (Exception e) {
 				throw new RuntimeException("could not load authorization endpoints", e);
 			}
diff --git a/src/main/java/org/gcube/common/authorization/library/enpoints/EndpointsContainer.java b/src/main/java/org/gcube/common/authorization/library/enpoints/EndpointsContainer.java
new file mode 100644
index 0000000..a7d7ec7
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/enpoints/EndpointsContainer.java
@@ -0,0 +1,22 @@
+package org.gcube.common.authorization.library.enpoints;
+
+import java.util.Map;
+
+public class EndpointsContainer {
+
+	private Map<Integer, AuthorizationEndpoint> endpoints;
+	private String defaultInfrastructure;
+	protected EndpointsContainer(Map<Integer, AuthorizationEndpoint> endpoints,
+			String defaultInfrastructure) {
+		super();
+		this.endpoints = endpoints;
+		this.defaultInfrastructure = defaultInfrastructure;
+	}
+	public Map<Integer, AuthorizationEndpoint> getEndpoints() {
+		return endpoints;
+	}
+	public String getDefaultInfrastructure() {
+		return defaultInfrastructure;
+	}
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/User.java b/src/main/java/org/gcube/common/authorization/library/policies/User.java
index 5176236..123afa9 100644
--- a/src/main/java/org/gcube/common/authorization/library/policies/User.java
+++ b/src/main/java/org/gcube/common/authorization/library/policies/User.java
@@ -1,5 +1,7 @@
 package org.gcube.common.authorization.library.policies;
 
+import java.util.List;
+
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
@@ -16,6 +18,10 @@ public class User extends UserEntity {
 		super(identifier);
 	}
 		
+	protected User(List<String> excludes) {
+		super(excludes);
+	}
+	
 	@Override
 	public UserEntityType getType() {
 		return UserEntityType.USER;
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Users.java b/src/main/java/org/gcube/common/authorization/library/policies/Users.java
index d281dd2..faee9a3 100644
--- a/src/main/java/org/gcube/common/authorization/library/policies/Users.java
+++ b/src/main/java/org/gcube/common/authorization/library/policies/Users.java
@@ -1,5 +1,7 @@
 package org.gcube.common.authorization.library.policies;
 
+import java.util.Arrays;
+
 
 public class Users {
 
@@ -10,5 +12,9 @@ public class Users {
 	public static User all(){
 		return new User();
 	}
+	
+	public static User allExcept(String ... identifiers){
+		return new User(Arrays.asList(identifiers));
+	}
 		
 }
diff --git a/src/main/resources/authorization-endpoint.xml b/src/main/resources/default.authorization
similarity index 100%
rename from src/main/resources/authorization-endpoint.xml
rename to src/main/resources/default.authorization
diff --git a/src/test/java/org/gcube/common/authorization/library/binder/EndpointBinder.java b/src/test/java/org/gcube/common/authorization/library/binder/EndpointBinder.java
index fd0ae7c..742c33c 100644
--- a/src/test/java/org/gcube/common/authorization/library/binder/EndpointBinder.java
+++ b/src/test/java/org/gcube/common/authorization/library/binder/EndpointBinder.java
@@ -58,7 +58,7 @@ public class EndpointBinder {
 	
 	@Test
 	public void scan(){
-		Map<Integer, AuthorizationEndpoint> endpoints = AuthorizationEndpointScanner.endpoints();
+		Map<Integer, AuthorizationEndpoint> endpoints = AuthorizationEndpointScanner.endpoints().getEndpoints();
 		System.out.println(endpoints);
 	}