Docker changes and Music Integration

Issue-ID: PORTAL-136, PORTAL-155, PORTAL-210,PORTAL-217

Includes JUNITS and docker changes, music integration and security fixes

Change-Id: Ib974401b48efc1f0d4f98036b0028043c3283691
Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>

38 files changed, 1778 insertions, 277 deletions

diff --git a/deliveries/.env b/deliveries/.env
index 76f9b620..32ccb94e 100644
--- a/deliveries/.env
+++ b/deliveries/.env
@@ -6,6 +6,8 @@
 EP_IMG_NAME=onap/portal-app
 SDK_IMG_NAME=onap/portal-sdk
 DB_IMG_NAME=onap/portal-db
+CDR_IMG_NAME=onap/music/cassandra_music
+ZK_IMG_NAME=zookeeper
 WMS_IMG_NAME=onap/portal-wms
 # Deployed with portal; built elsewhere
 CLI_IMG_NAME=onap/cli
diff --git a/deliveries/Apps_Users_OnBoarding_Script.sql b/deliveries/Apps_Users_OnBoarding_Script.sql
index 14e9ff2d..75a36abc 100644
--- a/deliveries/Apps_Users_OnBoarding_Script.sql
+++ b/deliveries/Apps_Users_OnBoarding_Script.sql
@@ -6,7 +6,7 @@ SET FOREIGN_KEY_CHECKS=1;
 -- Apps; note that the IDs are used below.
 
 INSERT INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES 
-(2, 'xDemo App', 'images/cache/portal-222865671_37476.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8989/ONAPPORTALSDK/welcome.htm', NULL, 'http://portal.api.simpledemo.onap.org:8989/ONAPPORTALSDK/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL),
+(2, 'xDemo App', 'images/cache/portal-222865671_37476.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8990/ONAPPORTALSDK/welcome.htm', NULL, 'http://portal.api.simpledemo.onap.org:8989/ONAPPORTALSDK/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL),
 (3, 'DMaaP Bus Ctrl', 'images/cache/portal944583064_80711.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8989/ECOMPDBCAPP/dbc#/dmaap', NULL, 'http://portal.api.simpledemo.onap.org:8989/ECOMPDBCAPP/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'N', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL),
 (4, 'SDC', 'images/cache/portal956868231_53879.png', NULL, NULL, 'http://sdc.api.simpledemo.onap.org:8181/sdc1/portal', NULL, 'http://sdc.api.simpledemo.onap.org:8080/api/v2', '', '', NULL, '78ot0W94rpB0o4FYzVoIOg==', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), 
 (5, 'Policy', 'images/cache/portal1470452815_67021.png', NULL, NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/policy', NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL),
diff --git a/deliveries/build_portalapps_dockers.sh b/deliveries/build_portalapps_dockers.sh
index d4f8968e..f7510acc 100755
--- a/deliveries/build_portalapps_dockers.sh
+++ b/deliveries/build_portalapps_dockers.sh
@@ -119,6 +119,14 @@ DB_DOCKER_CMD="
 "
 $DB_DOCKER_CMD
 
+# Copy cassandra scripts to required directories
+# Portal
+cp $BASEDIR/ecomp-portal-DB-common/*.cql ${DELIVDIR}
+# SDK app
+cp $BASEDIR/sdk/ecomp-sdk/epsdk-app-common/db-scripts/*.cql ${DELIVDIR}
+
+
+
 echo "Build portal docker image"
 PORTAL_DOCKER_CMD="
   docker build -t ${EP_IMG_NAME}:${PORTAL_TAG} ${PROXY_ARGS}
diff --git a/deliveries/cassandra/cassandra.yaml b/deliveries/cassandra/cassandra.yaml
new file mode 100644
index 00000000..291d1d73
--- /dev/null
+++ b/deliveries/cassandra/cassandra.yaml
@@ -0,0 +1,1001 @@
+# Cassandra storage config YAML
+
+# NOTE:
+#   See http://wiki.apache.org/cassandra/StorageConfiguration for
+#   full explanations of configuration directives
+# /NOTE
+
+# The name of the cluster. This is mainly used to prevent machines in
+# one logical cluster from joining another.
+cluster_name: 'Portal Cluster'
+
+# This defines the number of tokens randomly assigned to this node on the ring
+# The more tokens, relative to other nodes, the larger the proportion of data
+# that this node will store. You probably want all nodes to have the same number
+# of tokens assuming they have equal hardware capability.
+#
+# If you leave this unspecified, Cassandra will use the default of 1 token for legacy compatibility,
+# and will use the initial_token as described below.
+#
+# Specifying initial_token will override this setting on the node's initial start,
+# on subsequent starts, this setting will apply even if initial token is set.
+#
+# If you already have a cluster with 1 token per node, and wish to migrate to
+# multiple tokens per node, see http://wiki.apache.org/cassandra/Operations
+num_tokens: 256
+
+# Triggers automatic allocation of num_tokens tokens for this node. The allocation
+# algorithm attempts to choose tokens in a way that optimizes replicated load over
+# the nodes in the datacenter for the replication strategy used by the specified
+# keyspace.
+#
+# The load assigned to each node will be close to proportional to its number of
+# vnodes.
+#
+# Only supported with the Murmur3Partitioner.
+# allocate_tokens_for_keyspace: KEYSPACE
+
+# initial_token allows you to specify tokens manually.  While you can use # it with
+# vnodes (num_tokens > 1, above) -- in which case you should provide a
+# comma-separated list -- it's primarily used when adding nodes # to legacy clusters
+# that do not have vnodes enabled.
+# initial_token:
+
+# See http://wiki.apache.org/cassandra/HintedHandoff
+# May either be "true" or "false" to enable globally
+hinted_handoff_enabled: true
+# When hinted_handoff_enabled is true, a black list of data centers that will not
+# perform hinted handoff
+#hinted_handoff_disabled_datacenters:
+#    - DC1
+#    - DC2
+# this defines the maximum amount of time a dead host will have hints
+# generated.  After it has been dead this long, new hints for it will not be
+# created until it has been seen alive and gone down again.
+max_hint_window_in_ms: 10800000 # 3 hours
+
+# Maximum throttle in KBs per second, per delivery thread.  This will be
+# reduced proportionally to the number of nodes in the cluster.  (If there
+# are two nodes in the cluster, each delivery thread will use the maximum
+# rate; if there are three, each will throttle to half of the maximum,
+# since we expect two nodes to be delivering hints simultaneously.)
+hinted_handoff_throttle_in_kb: 1024
+
+# Number of threads with which to deliver hints;
+# Consider increasing this number when you have multi-dc deployments, since
+# cross-dc handoff tends to be slower
+max_hints_delivery_threads: 2
+
+# Directory where Cassandra should store hints.
+# If not set, the default directory is $CASSANDRA_HOME/data/hints.
+# hints_directory: /var/lib/cassandra/hints
+
+# How often hints should be flushed from the internal buffers to disk.
+# Will *not* trigger fsync.
+hints_flush_period_in_ms: 10000
+
+# Maximum size for a single hints file, in megabytes.
+max_hints_file_size_in_mb: 128
+
+# Compression to apply to the hint files. If omitted, hints files
+# will be written uncompressed. LZ4, Snappy, and Deflate compressors
+# are supported.
+#hints_compression:
+#   - class_name: LZ4Compressor
+#     parameters:
+#         -
+
+# Maximum throttle in KBs per second, total. This will be
+# reduced proportionally to the number of nodes in the cluster.
+batchlog_replay_throttle_in_kb: 1024
+
+# Authentication backend, implementing IAuthenticator; used to identify users
+# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthenticator,
+# PasswordAuthenticator}.
+#
+# - AllowAllAuthenticator performs no checks - set it to disable authentication.
+# - PasswordAuthenticator relies on username/password pairs to authenticate
+#   users. It keeps usernames and hashed passwords in system_auth.roles table.
+#   Please increase system_auth keyspace replication factor if you use this authenticator.
+#   If using PasswordAuthenticator, CassandraRoleManager must also be used (see below)
+authenticator: PasswordAuthenticator
+
+# Authorization backend, implementing IAuthorizer; used to limit access/provide permissions
+# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthorizer,
+# CassandraAuthorizer}.
+#
+# - AllowAllAuthorizer allows any action to any user - set it to disable authorization.
+# - CassandraAuthorizer stores permissions in system_auth.role_permissions table. Please
+#   increase system_auth keyspace replication factor if you use this authorizer.
+authorizer: CassandraAuthorizer
+
+# Part of the Authentication & Authorization backend, implementing IRoleManager; used
+# to maintain grants and memberships between roles.
+# Out of the box, Cassandra provides org.apache.cassandra.auth.CassandraRoleManager,
+# which stores role information in the system_auth keyspace. Most functions of the
+# IRoleManager require an authenticated login, so unless the configured IAuthenticator
+# actually implements authentication, most of this functionality will be unavailable.
+#
+# - CassandraRoleManager stores role data in the system_auth keyspace. Please
+#   increase system_auth keyspace replication factor if you use this role manager.
+role_manager: CassandraRoleManager
+
+# Validity period for roles cache (fetching permissions can be an
+# expensive operation depending on the authorizer). Granted roles are cached for
+# authenticated sessions in AuthenticatedUser and after the period specified
+# here, become eligible for (async) reload.
+# Defaults to 2000, set to 0 to disable.
+# Will be disabled automatically for AllowAllAuthenticator.
+roles_validity_in_ms: 2000
+
+# Refresh interval for roles cache (if enabled).
+# After this interval, cache entries become eligible for refresh. Upon next
+# access, an async reload is scheduled and the old value returned until it
+# completes. If roles_validity_in_ms is non-zero, then this must be
+# also.
+# Defaults to the same value as roles_validity_in_ms.
+# roles_update_interval_in_ms: 1000
+
+# Validity period for permissions cache (fetching permissions can be an
+# expensive operation depending on the authorizer, CassandraAuthorizer is
+# one example). Defaults to 2000, set to 0 to disable.
+# Will be disabled automatically for AllowAllAuthorizer.
+permissions_validity_in_ms: 2000
+
+# Refresh interval for permissions cache (if enabled).
+# After this interval, cache entries become eligible for refresh. Upon next
+# access, an async reload is scheduled and the old value returned until it
+# completes. If permissions_validity_in_ms is non-zero, then this must be
+# also.
+# Defaults to the same value as permissions_validity_in_ms.
+# permissions_update_interval_in_ms: 1000
+
+# The partitioner is responsible for distributing groups of rows (by
+# partition key) across nodes in the cluster.  You should leave this
+# alone for new clusters.  The partitioner can NOT be changed without
+# reloading all data, so when upgrading you should set this to the
+# same partitioner you were already using.
+#
+# Besides Murmur3Partitioner, partitioners included for backwards
+# compatibility include RandomPartitioner, ByteOrderedPartitioner, and
+# OrderPreservingPartitioner.
+#
+partitioner: org.apache.cassandra.dht.Murmur3Partitioner
+
+# Directories where Cassandra should store data on disk.  Cassandra
+# will spread data evenly across them, subject to the granularity of
+# the configured compaction strategy.
+# If not set, the default directory is $CASSANDRA_HOME/data/data.
+data_file_directories:
+    - /var/lib/cassandra/data
+
+# commit log.  when running on magnetic HDD, this should be a
+# separate spindle than the data directories.
+# If not set, the default directory is $CASSANDRA_HOME/data/commitlog.
+commitlog_directory: /var/lib/cassandra/commitlog
+
+# policy for data disk failures:
+# die: shut down gossip and client transports and kill the JVM for any fs errors or
+#      single-sstable errors, so the node can be replaced.
+# stop_paranoid: shut down gossip and client transports even for single-sstable errors,
+#                kill the JVM for errors during startup.
+# stop: shut down gossip and client transports, leaving the node effectively dead, but
+#       can still be inspected via JMX, kill the JVM for errors during startup.
+# best_effort: stop using the failed disk and respond to requests based on
+#              remaining available sstables.  This means you WILL see obsolete
+#              data at CL.ONE!
+# ignore: ignore fatal errors and let requests fail, as in pre-1.2 Cassandra
+disk_failure_policy: stop
+
+# policy for commit disk failures:
+# die: shut down gossip and Thrift and kill the JVM, so the node can be replaced.
+# stop: shut down gossip and Thrift, leaving the node effectively dead, but
+#       can still be inspected via JMX.
+# stop_commit: shutdown the commit log, letting writes collect but
+#              continuing to service reads, as in pre-2.0.5 Cassandra
+# ignore: ignore fatal errors and let the batches fail
+commit_failure_policy: stop
+
+# Maximum size of the key cache in memory.
+#
+# Each key cache hit saves 1 seek and each row cache hit saves 2 seeks at the
+# minimum, sometimes more. The key cache is fairly tiny for the amount of
+# time it saves, so it's worthwhile to use it at large numbers.
+# The row cache saves even more time, but must contain the entire row,
+# so it is extremely space-intensive. It's best to only use the
+# row cache if you have hot rows or static rows.
+#
+# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup.
+#
+# Default value is empty to make it "auto" (min(5% of Heap (in MB), 100MB)). Set to 0 to disable key cache.
+key_cache_size_in_mb:
+
+# Duration in seconds after which Cassandra should
+# save the key cache. Caches are saved to saved_caches_directory as
+# specified in this configuration file.
+#
+# Saved caches greatly improve cold-start speeds, and is relatively cheap in
+# terms of I/O for the key cache. Row cache saving is much more expensive and
+# has limited use.
+#
+# Default is 14400 or 4 hours.
+key_cache_save_period: 14400
+
+# Number of keys from the key cache to save
+# Disabled by default, meaning all keys are going to be saved
+# key_cache_keys_to_save: 100
+
+# Row cache implementation class name.
+# Available implementations:
+#   org.apache.cassandra.cache.OHCProvider                Fully off-heap row cache implementation (default).
+#   org.apache.cassandra.cache.SerializingCacheProvider   This is the row cache implementation availabile
+#                                                         in previous releases of Cassandra.
+# row_cache_class_name: org.apache.cassandra.cache.OHCProvider
+
+# Maximum size of the row cache in memory.
+# Please note that OHC cache implementation requires some additional off-heap memory to manage
+# the map structures and some in-flight memory during operations before/after cache entries can be
+# accounted against the cache capacity. This overhead is usually small compared to the whole capacity.
+# Do not specify more memory that the system can afford in the worst usual situation and leave some
+# headroom for OS block level cache. Do never allow your system to swap.
+#
+# Default value is 0, to disable row caching.
+row_cache_size_in_mb: 0
+
+# Duration in seconds after which Cassandra should save the row cache.
+# Caches are saved to saved_caches_directory as specified in this configuration file.
+#
+# Saved caches greatly improve cold-start speeds, and is relatively cheap in
+# terms of I/O for the key cache. Row cache saving is much more expensive and
+# has limited use.
+#
+# Default is 0 to disable saving the row cache.
+row_cache_save_period: 0
+
+# Number of keys from the row cache to save.
+# Specify 0 (which is the default), meaning all keys are going to be saved
+# row_cache_keys_to_save: 100
+
+# Maximum size of the counter cache in memory.
+#
+# Counter cache helps to reduce counter locks' contention for hot counter cells.
+# In case of RF = 1 a counter cache hit will cause Cassandra to skip the read before
+# write entirely. With RF > 1 a counter cache hit will still help to reduce the duration
+# of the lock hold, helping with hot counter cell updates, but will not allow skipping
+# the read entirely. Only the local (clock, count) tuple of a counter cell is kept
+# in memory, not the whole counter, so it's relatively cheap.
+#
+# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup.
+#
+# Default value is empty to make it "auto" (min(2.5% of Heap (in MB), 50MB)). Set to 0 to disable counter cache.
+# NOTE: if you perform counter deletes and rely on low gcgs, you should disable the counter cache.
+counter_cache_size_in_mb:
+
+# Duration in seconds after which Cassandra should
+# save the counter cache (keys only). Caches are saved to saved_caches_directory as
+# specified in this configuration file.
+#
+# Default is 7200 or 2 hours.
+counter_cache_save_period: 7200
+
+# Number of keys from the counter cache to save
+# Disabled by default, meaning all keys are going to be saved
+# counter_cache_keys_to_save: 100
+
+# saved caches
+# If not set, the default directory is $CASSANDRA_HOME/data/saved_caches.
+saved_caches_directory: /var/lib/cassandra/saved_caches
+
+# commitlog_sync may be either "periodic" or "batch."
+#
+# When in batch mode, Cassandra won't ack writes until the commit log
+# has been fsynced to disk.  It will wait
+# commitlog_sync_batch_window_in_ms milliseconds between fsyncs.
+# This window should be kept short because the writer threads will
+# be unable to do extra work while waiting.  (You may need to increase
+# concurrent_writes for the same reason.)
+#
+# commitlog_sync: batch
+# commitlog_sync_batch_window_in_ms: 2
+#
+# the other option is "periodic" where writes may be acked immediately
+# and the CommitLog is simply synced every commitlog_sync_period_in_ms
+# milliseconds.
+commitlog_sync: periodic
+commitlog_sync_period_in_ms: 10000
+
+# The size of the individual commitlog file segments.  A commitlog
+# segment may be archived, deleted, or recycled once all the data
+# in it (potentially from each columnfamily in the system) has been
+# flushed to sstables.
+#
+# The default size is 32, which is almost always fine, but if you are
+# archiving commitlog segments (see commitlog_archiving.properties),
+# then you probably want a finer granularity of archiving; 8 or 16 MB
+# is reasonable.
+# Max mutation size is also configurable via max_mutation_size_in_kb setting in
+# cassandra.yaml. The default is half the size commitlog_segment_size_in_mb * 1024.
+# This should be positive and less than 2048.
+#
+# NOTE: If max_mutation_size_in_kb is set explicitly then commitlog_segment_size_in_mb must
+# be set to at least twice the size of max_mutation_size_in_kb / 1024
+#
+commitlog_segment_size_in_mb: 32
+
+# Compression to apply to the commit log. If omitted, the commit log
+# will be written uncompressed.  LZ4, Snappy, and Deflate compressors
+# are supported.
+#commitlog_compression:
+#   - class_name: LZ4Compressor
+#     parameters:
+#         -
+
+# any class that implements the SeedProvider interface and has a
+# constructor that takes a Map<String, String> of parameters will do.
+seed_provider:
+    # Addresses of hosts that are deemed contact points.
+    # Cassandra nodes use this list of hosts to find each other and learn
+    # the topology of the ring.  You must change this if you are running
+    # multiple nodes!
+    - class_name: org.apache.cassandra.locator.SimpleSeedProvider
+      parameters:
+          # seeds is actually a comma-delimited list of addresses.
+          # Ex: "<ip1>,<ip2>,<ip3>"
+          - seeds: "127.0.0.1"
+
+# For workloads with more data than can fit in memory, Cassandra's
+# bottleneck will be reads that need to fetch data from
+# disk. "concurrent_reads" should be set to (16 * number_of_drives) in
+# order to allow the operations to enqueue low enough in the stack
+# that the OS and drives can reorder them. Same applies to
+# "concurrent_counter_writes", since counter writes read the current
+# values before incrementing and writing them back.
+#
+# On the other hand, since writes are almost never IO bound, the ideal
+# number of "concurrent_writes" is dependent on the number of cores in
+# your system; (8 * number_of_cores) is a good rule of thumb.
+concurrent_reads: 32
+concurrent_writes: 32
+concurrent_counter_writes: 32
+
+# For materialized view writes, as there is a read involved, so this should
+# be limited by the less of concurrent reads or concurrent writes.
+concurrent_materialized_view_writes: 32
+
+# Maximum memory to use for pooling sstable buffers. Defaults to the smaller
+# of 1/4 of heap or 512MB. This pool is allocated off-heap, so is in addition
+# to the memory allocated for heap. Memory is only allocated as needed.
+# file_cache_size_in_mb: 512
+
+# Flag indicating whether to allocate on or off heap when the sstable buffer
+# pool is exhausted, that is when it has exceeded the maximum memory
+# file_cache_size_in_mb, beyond which it will not cache buffers but allocate on request.
+
+# buffer_pool_use_heap_if_exhausted: true
+
+# The strategy for optimizing disk read
+# Possible values are:
+# ssd (for solid state disks, the default)
+# spinning (for spinning disks)
+# disk_optimization_strategy: ssd
+
+# Total permitted memory to use for memtables. Cassandra will stop
+# accepting writes when the limit is exceeded until a flush completes,
+# and will trigger a flush based on memtable_cleanup_threshold
+# If omitted, Cassandra will set both to 1/4 the size of the heap.
+# memtable_heap_space_in_mb: 2048
+# memtable_offheap_space_in_mb: 2048
+
+# Ratio of occupied non-flushing memtable size to total permitted size
+# that will trigger a flush of the largest memtable. Larger mct will
+# mean larger flushes and hence less compaction, but also less concurrent
+# flush activity which can make it difficult to keep your disks fed
+# under heavy write load.
+#
+# memtable_cleanup_threshold defaults to 1 / (memtable_flush_writers + 1)
+# memtable_cleanup_threshold: 0.11
+
+# Specify the way Cassandra allocates and manages memtable memory.
+# Options are:
+#   heap_buffers:    on heap nio buffers
+#
+# Note: offheap_buffers are not supported in Cassandra 3.0 - 3.3.
+# They have been re-introduced in Cassandra 3.4. For details see
+# https://issues.apache.org/jira/browse/CASSANDRA-9472 and
+# https://issues.apache.org/jira/browse/CASSANDRA-11039
+memtable_allocation_type: heap_buffers
+
+# Total space to use for commit logs on disk.
+#
+# If space gets above this value, Cassandra will flush every dirty CF
+# in the oldest segment and remove it.  So a small total commitlog space
+# will tend to cause more flush activity on less-active columnfamilies.
+#
+# The default value is the smaller of 8192, and 1/4 of the total space
+# of the commitlog volume.
+#
+# commitlog_total_space_in_mb: 8192
+
+# This sets the amount of memtable flush writer threads.  These will
+# be blocked by disk io, and each one will hold a memtable in memory
+# while blocked.
+#
+# memtable_flush_writers defaults to the smaller of (number of disks,
+# number of cores), with a minimum of 2 and a maximum of 8.
+#
+# If your data directories are backed by SSD, you should increase this
+# to the number of cores.
+#memtable_flush_writers: 8
+
+# A fixed memory pool size in MB for for SSTable index summaries. If left
+# empty, this will default to 5% of the heap size. If the memory usage of
+# all index summaries exceeds this limit, SSTables with low read rates will
+# shrink their index summaries in order to meet this limit.  However, this
+# is a best-effort process. In extreme conditions Cassandra may need to use
+# more than this amount of memory.
+index_summary_capacity_in_mb:
+
+# How frequently index summaries should be resampled.  This is done
+# periodically to redistribute memory from the fixed-size pool to sstables
+# proportional their recent read rates.  Setting to -1 will disable this
+# process, leaving existing index summaries at their current sampling level.
+index_summary_resize_interval_in_minutes: 60
+
+# Whether to, when doing sequential writing, fsync() at intervals in
+# order to force the operating system to flush the dirty
+# buffers. Enable this to avoid sudden dirty buffer flushing from
+# impacting read latencies. Almost always a good idea on SSDs; not
+# necessarily on platters.
+trickle_fsync: false
+trickle_fsync_interval_in_kb: 10240
+
+# TCP port, for commands and data
+# For security reasons, you should not expose this port to the internet.  Firewall it if needed.
+storage_port: 7000
+
+# SSL port, for encrypted communication.  Unused unless enabled in
+# encryption_options
+# For security reasons, you should not expose this port to the internet.  Firewall it if needed.
+ssl_storage_port: 7001
+
+# Address or interface to bind to and tell other Cassandra nodes to connect to.
+# You _must_ change this if you want multiple nodes to be able to communicate!
+#
+# Set listen_address OR listen_interface, not both. Interfaces must correspond
+# to a single address, IP aliasing is not supported.
+#
+# Leaving it blank leaves it up to InetAddress.getLocalHost(). This
+# will always do the Right Thing _if_ the node is properly configured
+# (hostname, name resolution, etc), and the Right Thing is to use the
+# address associated with the hostname (it might not be).
+#
+# Setting listen_address to 0.0.0.0 is always wrong.
+#
+# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address
+# you can specify which should be chosen using listen_interface_prefer_ipv6. If false the first ipv4
+# address will be used. If true the first ipv6 address will be used. Defaults to false preferring
+# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6.
+listen_address: localhost
+# listen_interface: eth0
+# listen_interface_prefer_ipv6: false
+
+# Address to broadcast to other Cassandra nodes
+# Leaving this blank will set it to the same value as listen_address
+# broadcast_address: 1.2.3.4
+
+# When using multiple physical network interfaces, set this
+# to true to listen on broadcast_address in addition to
+# the listen_address, allowing nodes to communicate in both
+# interfaces.
+# Ignore this property if the network configuration automatically
+# routes  between the public and private networks such as EC2.
+# listen_on_broadcast_address: false
+
+# Internode authentication backend, implementing IInternodeAuthenticator;
+# used to allow/disallow connections from peer nodes.
+# internode_authenticator: org.apache.cassandra.auth.AllowAllInternodeAuthenticator
+
+# Whether to start the native transport server.
+# Please note that the address on which the native transport is bound is the
+# same as the rpc_address. The port however is different and specified below.
+start_native_transport: true
+# port for the CQL native transport to listen for clients on
+# For security reasons, you should not expose this port to the internet.  Firewall it if needed.
+native_transport_port: 9042
+# Enabling native transport encryption in client_encryption_options allows you to either use
+# encryption for the standard port or to use a dedicated, additional port along with the unencrypted
+# standard native_transport_port.
+# Enabling client encryption and keeping native_transport_port_ssl disabled will use encryption
+# for native_transport_port. Setting native_transport_port_ssl to a different value
+# from native_transport_port will use encryption for native_transport_port_ssl while
+# keeping native_transport_port unencrypted.
+# native_transport_port_ssl: 9142
+# The maximum threads for handling requests when the native transport is used.
+# This is similar to rpc_max_threads though the default differs slightly (and
+# there is no native_transport_min_threads, idle threads will always be stopped
+# after 30 seconds).
+# native_transport_max_threads: 128
+#
+# The maximum size of allowed frame. Frame (requests) larger than this will
+# be rejected as invalid. The default is 256MB. If you're changing this parameter,
+# you may want to adjust max_value_size_in_mb accordingly. This should be positive and less than 2048.
+# native_transport_max_frame_size_in_mb: 256
+
+# The maximum number of concurrent client connections.
+# The default is -1, which means unlimited.
+# native_transport_max_concurrent_connections: -1
+
+# The maximum number of concurrent client connections per source ip.
+# The default is -1, which means unlimited.
+# native_transport_max_concurrent_connections_per_ip: -1
+
+# Whether to start the thrift rpc server.
+start_rpc: false
+
+# The address or interface to bind the Thrift RPC service and native transport
+# server to.
+#
+# Set rpc_address OR rpc_interface, not both. Interfaces must correspond
+# to a single address, IP aliasing is not supported.
+#
+# Leaving rpc_address blank has the same effect as on listen_address
+# (i.e. it will be based on the configured hostname of the node).
+#
+# Note that unlike listen_address, you can specify 0.0.0.0, but you must also
+# set broadcast_rpc_address to a value other than 0.0.0.0.
+#
+# For security reasons, you should not expose this port to the internet.  Firewall it if needed.
+#
+# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address
+# you can specify which should be chosen using rpc_interface_prefer_ipv6. If false the first ipv4
+# address will be used. If true the first ipv6 address will be used. Defaults to false preferring
+# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6.
+rpc_address: localhost
+# rpc_interface: eth1
+# rpc_interface_prefer_ipv6: false
+
+# port for Thrift to listen for clients on
+rpc_port: 9160
+
+# RPC address to broadcast to drivers and other Cassandra nodes. This cannot
+# be set to 0.0.0.0. If left blank, this will be set to the value of
+# rpc_address. If rpc_address is set to 0.0.0.0, broadcast_rpc_address must
+# be set.
+# broadcast_rpc_address: 1.2.3.4
+
+# enable or disable keepalive on rpc/native connections
+rpc_keepalive: true
+
+# Cassandra provides two out-of-the-box options for the RPC Server:
+#
+# sync  -> One thread per thrift connection. For a very large number of clients, memory
+#          will be your limiting factor. On a 64 bit JVM, 180KB is the minimum stack size
+#          per thread, and that will correspond to your use of virtual memory (but physical memory
+#          may be limited depending on use of stack space).
+#
+# hsha  -> Stands for "half synchronous, half asynchronous." All thrift clients are handled
+#          asynchronously using a small number of threads that does not vary with the amount
+#          of thrift clients (and thus scales well to many clients). The rpc requests are still
+#          synchronous (one thread per active request). If hsha is selected then it is essential
+#          that rpc_max_threads is changed from the default value of unlimited.
+#
+# The default is sync because on Windows hsha is about 30% slower.  On Linux,
+# sync/hsha performance is about the same, with hsha of course using less memory.
+#
+# Alternatively,  can provide your own RPC server by providing the fully-qualified class name
+# of an o.a.c.t.TServerFactory that can create an instance of it.
+rpc_server_type: sync
+
+# Uncomment rpc_min|max_thread to set request pool size limits.
+#
+# Regardless of your choice of RPC server (see above), the number of maximum requests in the
+# RPC thread pool dictates how many concurrent requests are possible (but if you are using the sync
+# RPC server, it also dictates the number of clients that can be connected at all).
+#
+# The default is unlimited and thus provides no protection against clients overwhelming the server. You are
+# encouraged to set a maximum that makes sense for you in production, but do keep in mind that
+# rpc_max_threads represents the maximum number of client requests this server may execute concurrently.
+#
+# rpc_min_threads: 16
+# rpc_max_threads: 2048
+
+# uncomment to set socket buffer sizes on rpc connections
+# rpc_send_buff_size_in_bytes:
+# rpc_recv_buff_size_in_bytes:
+
+# Uncomment to set socket buffer size for internode communication
+# Note that when setting this, the buffer size is limited by net.core.wmem_max
+# and when not setting it it is defined by net.ipv4.tcp_wmem
+# See:
+# /proc/sys/net/core/wmem_max
+# /proc/sys/net/core/rmem_max
+# /proc/sys/net/ipv4/tcp_wmem
+# /proc/sys/net/ipv4/tcp_wmem
+# and: man tcp
+# internode_send_buff_size_in_bytes:
+# internode_recv_buff_size_in_bytes:
+
+# Frame size for thrift (maximum message length).
+thrift_framed_transport_size_in_mb: 15
+
+# Set to true to have Cassandra create a hard link to each sstable
+# flushed or streamed locally in a backups/ subdirectory of the
+# keyspace data.  Removing these links is the operator's
+# responsibility.
+incremental_backups: false
+
+# Whether or not to take a snapshot before each compaction.  Be
+# careful using this option, since Cassandra won't clean up the
+# snapshots for you.  Mostly useful if you're paranoid when there
+# is a data format change.
+snapshot_before_compaction: false
+
+# Whether or not a snapshot is taken of the data before keyspace truncation
+# or dropping of column families. The STRONGLY advised default of true
+# should be used to provide data safety. If you set this flag to false, you will
+# lose data on truncation or drop.
+auto_snapshot: true
+
+# When executing a scan, within or across a partition, we need to keep the
+# tombstones seen in memory so we can return them to the coordinator, which
+# will use them to make sure other replicas also know about the deleted rows.
+# With workloads that generate a lot of tombstones, this can cause performance
+# problems and even exaust the server heap.
+# (http://www.datastax.com/dev/blog/cassandra-anti-patterns-queues-and-queue-like-datasets)
+# Adjust the thresholds here if you understand the dangers and want to
+# scan more tombstones anyway.  These thresholds may also be adjusted at runtime
+# using the StorageService mbean.
+tombstone_warn_threshold: 1000
+tombstone_failure_threshold: 100000
+
+# Granularity of the collation index of rows within a partition.
+# Increase if your rows are large, or if you have a very large
+# number of rows per partition.  The competing goals are these:
+#   1) a smaller granularity means more index entries are generated
+#      and looking up rows withing the partition by collation column
+#      is faster
+#   2) but, Cassandra will keep the collation index in memory for hot
+#      rows (as part of the key cache), so a larger granularity means
+#      you can cache more hot rows
+column_index_size_in_kb: 64
+
+
+# Log WARN on any batch size exceeding this value. 5kb per batch by default.
+# Caution should be taken on increasing the size of this threshold as it can lead to node instability.
+batch_size_warn_threshold_in_kb: 5
+
+# Fail any batch exceeding this value. 50kb (10x warn threshold) by default.
+batch_size_fail_threshold_in_kb: 50
+
+# Log WARN on any batches not of type LOGGED than span across more partitions than this limit
+unlogged_batch_across_partitions_warn_threshold: 10
+
+# Number of simultaneous compactions to allow, NOT including
+# validation "compactions" for anti-entropy repair.  Simultaneous
+# compactions can help preserve read performance in a mixed read/write
+# workload, by mitigating the tendency of small sstables to accumulate
+# during a single long running compactions. The default is usually
+# fine and if you experience problems with compaction running too
+# slowly or too fast, you should look at
+# compaction_throughput_mb_per_sec first.
+#
+# concurrent_compactors defaults to the smaller of (number of disks,
+# number of cores), with a minimum of 2 and a maximum of 8.
+#
+# If your data directories are backed by SSD, you should increase this
+# to the number of cores.
+#concurrent_compactors: 1
+
+# Throttles compaction to the given total throughput across the entire
+# system. The faster you insert data, the faster you need to compact in
+# order to keep the sstable count down, but in general, setting this to
+# 16 to 32 times the rate you are inserting data is more than sufficient.
+# Setting this to 0 disables throttling. Note that this account for all types
+# of compaction, including validation compaction.
+compaction_throughput_mb_per_sec: 16
+
+# Log a warning when compacting partitions larger than this value
+compaction_large_partition_warning_threshold_mb: 100
+
+# When compacting, the replacement sstable(s) can be opened before they
+# are completely written, and used in place of the prior sstables for
+# any range that has been written. This helps to smoothly transfer reads
+# between the sstables, reducing page cache churn and keeping hot rows hot
+sstable_preemptive_open_interval_in_mb: 50
+
+# Throttles all outbound streaming file transfers on this node to the
+# given total throughput in Mbps. This is necessary because Cassandra does
+# mostly sequential IO when streaming data during bootstrap or repair, which
+# can lead to saturating the network connection and degrading rpc performance.
+# When unset, the default is 200 Mbps or 25 MB/s.
+# stream_throughput_outbound_megabits_per_sec: 200
+
+# Throttles all streaming file transfer between the datacenters,
+# this setting allows users to throttle inter dc stream throughput in addition
+# to throttling all network stream traffic as configured with
+# stream_throughput_outbound_megabits_per_sec
+# When unset, the default is 200 Mbps or 25 MB/s
+# inter_dc_stream_throughput_outbound_megabits_per_sec: 200
+
+# How long the coordinator should wait for read operations to complete
+read_request_timeout_in_ms: 5000
+# How long the coordinator should wait for seq or index scans to complete
+range_request_timeout_in_ms: 10000
+# How long the coordinator should wait for writes to complete
+write_request_timeout_in_ms: 2000
+# How long the coordinator should wait for counter writes to complete
+counter_write_request_timeout_in_ms: 5000
+# How long a coordinator should continue to retry a CAS operation
+# that contends with other proposals for the same row
+cas_contention_timeout_in_ms: 1000
+# How long the coordinator should wait for truncates to complete
+# (This can be much longer, because unless auto_snapshot is disabled
+# we need to flush first so we can snapshot before removing the data.)
+truncate_request_timeout_in_ms: 60000
+# The default timeout for other, miscellaneous operations
+request_timeout_in_ms: 10000
+
+# Enable operation timeout information exchange between nodes to accurately
+# measure request timeouts.  If disabled, replicas will assume that requests
+# were forwarded to them instantly by the coordinator, which means that
+# under overload conditions we will waste that much extra time processing
+# already-timed-out requests.
+#
+# Warning: before enabling this property make sure to ntp is installed
+# and the times are synchronized between the nodes.
+cross_node_timeout: false
+
+# Set socket timeout for streaming operation.
+# The stream session is failed if no data/ack is received by any of the participants
+# within that period, which means this should also be sufficient to stream a large
+# sstable or rebuild table indexes.
+# Default value is 86400000ms, which means stale streams timeout after 24 hours.
+# A value of zero means stream sockets should never time out.
+# streaming_socket_timeout_in_ms: 86400000
+
+# phi value that must be reached for a host to be marked down.
+# most users should never need to adjust this.
+# phi_convict_threshold: 8
+
+# endpoint_snitch -- Set this to a class that implements
+# IEndpointSnitch.  The snitch has two functions:
+# - it teaches Cassandra enough about your network topology to route
+#   requests efficiently
+# - it allows Cassandra to spread replicas around your cluster to avoid
+#   correlated failures. It does this by grouping machines into
+#   "datacenters" and "racks."  Cassandra will do its best not to have
+#   more than one replica on the same "rack" (which may not actually
+#   be a physical location)
+#
+# CASSANDRA WILL NOT ALLOW YOU TO SWITCH TO AN INCOMPATIBLE SNITCH
+# ONCE DATA IS INSERTED INTO THE CLUSTER.  This would cause data loss.
+# This means that if you start with the default SimpleSnitch, which
+# locates every node on "rack1" in "datacenter1", your only options
+# if you need to add another datacenter are GossipingPropertyFileSnitch
+# (and the older PFS).  From there, if you want to migrate to an
+# incompatible snitch like Ec2Snitch you can do it by adding new nodes
+# under Ec2Snitch (which will locate them in a new "datacenter") and
+# decommissioning the old ones.
+#
+# Out of the box, Cassandra provides
+#  - SimpleSnitch:
+#    Treats Strategy order as proximity. This can improve cache
+#    locality when disabling read repair.  Only appropriate for
+#    single-datacenter deployments.
+#  - GossipingPropertyFileSnitch
+#    This should be your go-to snitch for production use.  The rack
+#    and datacenter for the local node are defined in
+#    cassandra-rackdc.properties and propagated to other nodes via
+#    gossip.  If cassandra-topology.properties exists, it is used as a
+#    fallback, allowing migration from the PropertyFileSnitch.
+#  - PropertyFileSnitch:
+#    Proximity is determined by rack and data center, which are
+#    explicitly configured in cassandra-topology.properties.
+#  - Ec2Snitch:
+#    Appropriate for EC2 deployments in a single Region. Loads Region
+#    and Availability Zone information from the EC2 API. The Region is
+#    treated as the datacenter, and the Availability Zone as the rack.
+#    Only private IPs are used, so this will not work across multiple
+#    Regions.
+#  - Ec2MultiRegionSnitch:
+#    Uses public IPs as broadcast_address to allow cross-region
+#    connectivity.  (Thus, you should set seed addresses to the public
+#    IP as well.) You will need to open the storage_port or
+#    ssl_storage_port on the public IP firewall.  (For intra-Region
+#    traffic, Cassandra will switch to the private IP after
+#    establishing a connection.)
+#  - RackInferringSnitch:
+#    Proximity is determined by rack and data center, which are
+#    assumed to correspond to the 3rd and 2nd octet of each node's IP
+#    address, respectively.  Unless this happens to match your
+#    deployment conventions, this is best used as an example of
+#    writing a custom Snitch class and is provided in that spirit.
+#
+# You can use a custom Snitch by setting this to the full class name
+# of the snitch, which will be assumed to be on your classpath.
+endpoint_snitch: SimpleSnitch
+
+# controls how often to perform the more expensive part of host score
+# calculation
+dynamic_snitch_update_interval_in_ms: 100
+# controls how often to reset all host scores, allowing a bad host to
+# possibly recover
+dynamic_snitch_reset_interval_in_ms: 600000
+# if set greater than zero and read_repair_chance is < 1.0, this will allow
+# 'pinning' of replicas to hosts in order to increase cache capacity.
+# The badness threshold will control how much worse the pinned host has to be
+# before the dynamic snitch will prefer other replicas over it.  This is
+# expressed as a double which represents a percentage.  Thus, a value of
+# 0.2 means Cassandra would continue to prefer the static snitch values
+# until the pinned host was 20% worse than the fastest.
+dynamic_snitch_badness_threshold: 0.1
+
+# request_scheduler -- Set this to a class that implements
+# RequestScheduler, which will schedule incoming client requests
+# according to the specific policy. This is useful for multi-tenancy
+# with a single Cassandra cluster.
+# NOTE: This is specifically for requests from the client and does
+# not affect inter node communication.
+# org.apache.cassandra.scheduler.NoScheduler - No scheduling takes place
+# org.apache.cassandra.scheduler.RoundRobinScheduler - Round robin of
+# client requests to a node with a separate queue for each
+# request_scheduler_id. The scheduler is further customized by
+# request_scheduler_options as described below.
+request_scheduler: org.apache.cassandra.scheduler.NoScheduler
+
+# Scheduler Options vary based on the type of scheduler
+# NoScheduler - Has no options
+# RoundRobin
+#  - throttle_limit -- The throttle_limit is the number of in-flight
+#                      requests per client.  Requests beyond
+#                      that limit are queued up until
+#                      running requests can complete.
+#                      The value of 80 here is twice the number of
+#                      concurrent_reads + concurrent_writes.
+#  - default_weight -- default_weight is optional and allows for
+#                      overriding the default which is 1.
+#  - weights -- Weights are optional and will default to 1 or the
+#               overridden default_weight. The weight translates into how
+#               many requests are handled during each turn of the
+#               RoundRobin, based on the scheduler id.
+#
+# request_scheduler_options:
+#    throttle_limit: 80
+#    default_weight: 5
+#    weights:
+#      Keyspace1: 1
+#      Keyspace2: 5
+
+# request_scheduler_id -- An identifier based on which to perform
+# the request scheduling. Currently the only valid option is keyspace.
+# request_scheduler_id: keyspace
+
+# Enable or disable inter-node encryption
+# Default settings are TLS v1, RSA 1024-bit keys (it is imperative that
+# users generate their own keys) TLS_RSA_WITH_AES_128_CBC_SHA as the cipher
+# suite for authentication, key exchange and encryption of the actual data transfers.
+# Use the DHE/ECDHE ciphers if running in FIPS 140 compliant mode.
+# NOTE: No custom encryption options are enabled at the moment
+# The available internode options are : all, none, dc, rack
+#
+# If set to dc cassandra will encrypt the traffic between the DCs
+# If set to rack cassandra will encrypt the traffic between the racks
+#
+# The passwords used in these options must match the passwords used when generating
+# the keystore and truststore.  For instructions on generating these files, see:
+# http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
+#
+server_encryption_options:
+    internode_encryption: none
+    keystore: conf/.keystore
+    keystore_password: cassandra
+    truststore: conf/.truststore
+    truststore_password: cassandra
+    # More advanced defaults below:
+    # protocol: TLS
+    # algorithm: SunX509
+    # store_type: JKS
+    # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
+    # require_client_auth: false
+
+# enable or disable client/server encryption.
+client_encryption_options:
+    enabled: false
+    # If enabled and optional is set to true encrypted and unencrypted connections are handled.
+    optional: false
+    keystore: conf/.keystore
+    keystore_password: cassandra
+    # require_client_auth: false
+    # Set trustore and truststore_password if require_client_auth is true
+    # truststore: conf/.truststore
+    # truststore_password: cassandra
+    # More advanced defaults below:
+    # protocol: TLS
+    # algorithm: SunX509
+    # store_type: JKS
+    # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
+
+# internode_compression controls whether traffic between nodes is
+# compressed.
+# can be:  all  - all traffic is compressed
+#          dc   - traffic between different datacenters is compressed
+#          none - nothing is compressed.
+internode_compression: all
+
+# Enable or disable tcp_nodelay for inter-dc communication.
+# Disabling it will result in larger (but fewer) network packets being sent,
+# reducing overhead from the TCP protocol itself, at the cost of increasing
+# latency if you block for cross-datacenter responses.
+inter_dc_tcp_nodelay: false
+
+# TTL for different trace types used during logging of the repair process.
+tracetype_query_ttl: 86400
+tracetype_repair_ttl: 604800
+
+# By default, Cassandra logs GC Pauses greater than 200 ms at INFO level
+# This threshold can be adjusted to minimize logging if necessary
+# gc_log_threshold_in_ms: 200
+
+# GC Pauses greater than gc_warn_threshold_in_ms will be logged at WARN level
+# If unset, all GC Pauses greater than gc_log_threshold_in_ms will log at
+# INFO level
+# Adjust the threshold based on your application throughput requirement
+gc_warn_threshold_in_ms: 1000
+
+# UDFs (user defined functions) are disabled by default.
+# As of Cassandra 3.0 there is a sandbox in place that should prevent execution of evil code.
+enable_user_defined_functions: false
+
+# Enables scripted UDFs (JavaScript UDFs).
+# Java UDFs are always enabled, if enable_user_defined_functions is true.
+# Enable this option to be able to use UDFs with "language javascript" or any custom JSR-223 provider.
+# This option has no effect, if enable_user_defined_functions is false.
+enable_scripted_user_defined_functions: false
+
+# The default Windows kernel timer and scheduling resolution is 15.6ms for power conservation.
+# Lowering this value on Windows can provide much tighter latency and better throughput, however
+# some virtualized environments may see a negative performance impact from changing this setting
+# below their system default. The sysinternals 'clockres' tool can confirm your system's default
+# setting.
+windows_timer_interval: 1
+
+# Maximum size of any value in SSTables. Safety measure to detect SSTable corruption
+# early. Any value size larger than this threshold will result into marking an SSTable
+# as corrupted. This should be positive and less than 2048.
+# max_value_size_in_mb: 256
+
+# Coalescing Strategies #
+# Coalescing multiples messages turns out to significantly boost message processing throughput (think doubling or more).
+# On bare metal, the floor for packet processing throughput is high enough that many applications won't notice, but in
+# virtualized environments, the point at which an application can be bound by network packet processing can be
+# surprisingly low compared to the throughput of task processing that is possible inside a VM. It's not that bare metal
+# doesn't benefit from coalescing messages, it's that the number of packets a bare metal network interface can process
+# is sufficient for many applications such that no load starvation is experienced even without coalescing.
+# There are other benefits to coalescing network messages that are harder to isolate with a simple metric like messages
+# per second. By coalescing multiple tasks together, a network thread can process multiple messages for the cost of one
+# trip to read from a socket, and all the task submission work can be done at the same time reducing context switching
+# and increasing cache friendliness of network message processing.
+# See CASSANDRA-8692 for details.
+
+# Strategy to use for coalescing messages in OutboundTcpConnection.
+# Can be fixed, movingaverage, timehorizon (default), disabled.
+# You can also specify a subclass of CoalescingStrategies.CoalescingStrategy by name.
+# otc_coalescing_strategy: TIMEHORIZON
+
+# How many microseconds to wait for coalescing. For fixed strategy this is the amount of time after the first
+# message is received before it will be sent with any accompanying messages. For moving average this is the
+# maximum amount of time that will be waited as well as the interval at which messages must arrive on average
+# for coalescing to be enabled.
+# otc_coalescing_window_us: 200
+
+# Do not try to coalesce messages if we already got that many messages. This should be more than 2 and less than 128.
+# otc_coalescing_enough_coalesced_messages: 8
+
+# How many milliseconds to wait between two expiration runs on the backlog (queue) of the OutboundTcpConnection.
+# Expiration is done if messages are piling up in the backlog. Droppable messages are expired to free the memory
+# taken by expired messages. The interval should be between 0 and 1000, and in most installations the default value
+# will be appropriate. A smaller value could potentially expire messages slightly sooner at the expense of more CPU
+# time and queue contention while iterating the backlog of messages.
+# An interval of 0 disables any wait time, which is the behavior of former Cassandra versions.
+#
+# otc_backlog_expiration_interval_ms: 200
diff --git a/deliveries/cassandra/docker-entrypoint.sh b/deliveries/cassandra/docker-entrypoint.sh
new file mode 100644
index 00000000..e46dea9f
--- /dev/null
+++ b/deliveries/cassandra/docker-entrypoint.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+set -e
+
+# first arg is `-f` or `--some-option`
+# or there are no args
+if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
+	set -- cassandra -f "$@"
+fi
+
+# allow the container to be started with `--user`
+if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then
+	chown -R cassandra /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG"
+	exec gosu cassandra "$BASH_SOURCE" "$@"
+fi
+
+if [ "$1" = 'cassandra' ]; then
+	: ${CASSANDRA_RPC_ADDRESS='0.0.0.0'}
+
+	: ${CASSANDRA_LISTEN_ADDRESS='auto'}
+	if [ "$CASSANDRA_LISTEN_ADDRESS" = 'auto' ]; then
+		CASSANDRA_LISTEN_ADDRESS="$(hostname --ip-address)"
+	fi
+
+	: ${CASSANDRA_BROADCAST_ADDRESS="$CASSANDRA_LISTEN_ADDRESS"}
+
+	if [ "$CASSANDRA_BROADCAST_ADDRESS" = 'auto' ]; then
+		CASSANDRA_BROADCAST_ADDRESS="$(hostname --ip-address)"
+	fi
+	: ${CASSANDRA_BROADCAST_RPC_ADDRESS:=$CASSANDRA_BROADCAST_ADDRESS}
+
+	if [ -n "${CASSANDRA_NAME:+1}" ]; then
+		: ${CASSANDRA_SEEDS:="cassandra"}
+	fi
+	: ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"}
+	
+	sed -ri 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/' "$CASSANDRA_CONFIG/cassandra.yaml"
+
+	for yaml in \
+		broadcast_address \
+		broadcast_rpc_address \
+		cluster_name \
+		endpoint_snitch \
+		listen_address \
+		num_tokens \
+		rpc_address \
+		start_rpc \
+	; do
+		var="CASSANDRA_${yaml^^}"
+		val="${!var}"
+		if [ "$val" ]; then
+			sed -ri 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' "$CASSANDRA_CONFIG/cassandra.yaml"
+		fi
+	done
+
+	for rackdc in dc rack; do
+		var="CASSANDRA_${rackdc^^}"
+		val="${!var}"
+		if [ "$val" ]; then
+			sed -ri 's/^('"$rackdc"'=).*/\1 '"$val"'/' "$CASSANDRA_CONFIG/cassandra-rackdc.properties"
+		fi
+	done
+fi
+echo "################################ Let run Scripts ##############################"
+for f in /docker-entrypoint-initdb.d/*; do
+    case "$f" in
+        *.cql)    echo "$0: running $f" && until cqlsh -u cassandra -p cassandra -f "$f"; do >&2 echo "Cassandra is unavailable - sleeping"; sleep 2; done & ;;
+        *)        echo "$0: ignoring $f" ;;
+    esac
+    echo
+done
+echo "################################ Let run Scripts End ##############################"
+
+exec "$@"
diff --git a/deliveries/docker-compose.yml b/deliveries/docker-compose.yml
index 4e5879e7..29a2cce6 100644
--- a/deliveries/docker-compose.yml
+++ b/deliveries/docker-compose.yml
@@ -38,6 +38,41 @@ services:
       test: [ "CMD", "mysqladmin", "ping", "-h", "localhost" ]
       timeout: 10s
       retries: 30
+      
+  # Config files may use hostname "portal-cassandra"
+  portal-cassandra:
+    image: ${CDR_IMG_NAME}:${PORTAL_TAG}
+    environment:
+      - CASSUSER=root
+      - CASSPASS=Aa123456
+    expose:
+      - 7000
+      - 7001
+      - 7199
+      - 9042
+      - 9160
+    ports:
+      - 7000:7000
+      - 7001:7001
+      - 7199:7199
+      - 9042:9042
+      - 9160:9160
+    volumes:
+      - ./portal.cql:/docker-entrypoint-initdb.d/zzz_portal.cql
+      - ./portalsdk.cql:/docker-entrypoint-initdb.d/zzz_portalsdk.cql
+    links:
+      - portal-db      
+    depends_on:
+      portal-db:
+        condition: service_healthy
+        
+  # Config files may use hostname "portal-zk"
+  portal-zk:
+    image: ${ZK_IMG_NAME}:${PORTAL_TAG}
+    expose:
+      - 2181
+    ports:
+      - 2181:2181           
 
   # The app config file uses the docker name above
   portal-wms:
@@ -75,6 +110,7 @@ services:
       - ${PROPS_DIR}/ONAPPORTAL/system.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/conf/system.properties
       - ${PROPS_DIR}/ONAPPORTAL/fusion.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/fusion/conf/fusion.properties
       - ${PROPS_DIR}/ONAPPORTAL/portal.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/portal.properties
+      - ${PROPS_DIR}/ONAPPORTAL/music.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/music.properties
       - ${PROPS_DIR}/ONAPPORTAL/openid-connect.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/openid-connect.properties
       - ${PROPS_DIR}/ONAPPORTAL/logback.xml:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/logback.xml
       - ${LOGS_DIR}:/opt/apache-tomcat-8.0.37/logs
@@ -102,6 +138,7 @@ services:
       - ${PROPS_DIR}/ONAPPORTALSDK/fusion.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/fusion/conf/fusion.properties
       - ${PROPS_DIR}/ONAPPORTALSDK/system.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/conf/system.properties
       - ${PROPS_DIR}/ONAPPORTALSDK/portal.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/classes/portal.properties
+      - ${PROPS_DIR}/ONAPPORTALSDK/music.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/classes/music.properties
       - ${PROPS_DIR}/ONAPPORTALSDK/logback.xml:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/classes/logback.xml
       - ${LOGS_DIR}:/opt/apache-tomcat-8.0.37/logs
     command:
diff --git a/deliveries/local-dev-host-start.sh b/deliveries/local-dev-host-start.sh
index 4230c393..7268dcf7 100644
--- a/deliveries/local-dev-host-start.sh
+++ b/deliveries/local-dev-host-start.sh
@@ -20,6 +20,8 @@ echo "Using properties directory $PROPS_DIR"
 # Constants as of Oct 2017, Amsterdam release
 NEXUS_REPO=nexus3.onap.org:10001
 CLI_IMG_VERSION=1.1-STAGING-latest
+CDR_IMG_VERSION=latest
+ZK_IMG_VERSION=3.4
 
 # Pull and tag the CLI image, which is provided elsewhere.
 # Authenticate like this; the username and password are NOT stored here.
@@ -27,6 +29,14 @@ docker login -u username -p password $NEXUS_REPO
 docker pull $NEXUS_REPO/$CLI_IMG_NAME:${CLI_IMG_VERSION}
 docker tag $NEXUS_REPO/$CLI_IMG_NAME:${CLI_IMG_VERSION} $CLI_IMG_NAME:$PORTAL_TAG
 
+# Pull and tag the Music Cassandra image.
+docker pull $NEXUS_REPO/$CDR_IMG_NAME:${CDR_IMG_VERSION}
+docker tag $NEXUS_REPO/$CDR_IMG_NAME:${CDR_IMG_VERSION} $CDR_IMG_NAME:$PORTAL_TAG
+
+# Pull and tag the ZK image.
+docker pull library/$ZK_IMG_NAME:${ZK_IMG_VERSION}
+docker tag library/$ZK_IMG_NAME:${ZK_IMG_VERSION} $ZK_IMG_NAME:$PORTAL_TAG
+
 # Create local logs directory
 # The leading "./" is required for docker-compose
 export LOGS_DIR=./logs
@@ -38,4 +48,4 @@ export EXTRA_HOST_NAME="portal.api.simpledemo.onap.org"
 
 # (re)start containers
 docker-compose down
-docker-compose up -d 
+docker-compose up -d 
\ No newline at end of file
diff --git a/deliveries/os_docker_base.sh b/deliveries/os_docker_base.sh
index 2c4a3912..94832ff5 100755
--- a/deliveries/os_docker_base.sh
+++ b/deliveries/os_docker_base.sh
@@ -24,17 +24,22 @@ NEXUS_REPO=nexus3.onap.org:10003
 # Establish environment variables
 source $(dirname $0)/.env
 
-APPS_VERSION="${NEXUS_REPO}/${EP_IMG_NAME}:${VERSION}"
+APP_VERSION="${NEXUS_REPO}/${EP_IMG_NAME}:${VERSION}"
+SDK_VERSION="${NEXUS_REPO}/${SDK_IMG_NAME}:${VERSION}"
 DB_VERSION="${NEXUS_REPO}/${DB_IMG_NAME}:${VERSION}"
 WMS_VERSION="${NEXUS_REPO}/${WMS_IMG_NAME}:${VERSION}"
 
-APPS_LATEST="${NEXUS_REPO}/${EP_IMG_NAME}:${LATEST}"
+APP_LATEST="${NEXUS_REPO}/${EP_IMG_NAME}:${LATEST}"
+SDK_LATEST="${NEXUS_REPO}/${SDK_IMG_NAME}:${LATEST}"
 DB_LATEST="${NEXUS_REPO}/${DB_IMG_NAME}:${LATEST}"
 WMS_LATEST="${NEXUS_REPO}/${WMS_IMG_NAME}:${LATEST}"
 
 # tag versions
-docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APPS_VERSION}
-docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APPS_LATEST}
+docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APP_VERSION}
+docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APP_LATEST}
+
+docker tag ${SDK_IMG_NAME}:${PORTAL_TAG} ${SDK_VERSION}
+docker tag ${SDK_IMG_NAME}:${PORTAL_TAG} ${SDK_LATEST}
 
 docker tag ${DB_IMG_NAME}:${PORTAL_TAG} ${DB_VERSION}
 docker tag ${DB_IMG_NAME}:${PORTAL_TAG} ${DB_LATEST}
@@ -43,8 +48,11 @@ docker tag ${WMS_IMG_NAME}:${PORTAL_TAG} ${WMS_VERSION}
 docker tag ${WMS_IMG_NAME}:${PORTAL_TAG} ${WMS_LATEST}
 
 # push to registry
-docker push ${APPS_VERSION}
-docker push ${APPS_LATEST}
+docker push ${APP_VERSION}
+docker push ${APP_LATEST}
+
+docker push ${SDK_VERSION}
+docker push ${SDK_LATEST}
 
 docker push ${DB_VERSION}
 docker push ${DB_LATEST}
diff --git a/deliveries/properties_simpledemo/ONAPPORTAL/music.properties b/deliveries/properties_simpledemo/ONAPPORTAL/music.properties
new file mode 100644
index 00000000..8d0b3253
--- /dev/null
+++ b/deliveries/properties_simpledemo/ONAPPORTAL/music.properties
@@ -0,0 +1,20 @@
+music.version = v2
+music.keyspace = keyspaces
+music.session.keyspace = portal
+music.tables = tables
+music.session.attr.tables = spring_session_attributes
+music.session.meta.tables = spring_session
+music.consistency.info = type
+music.consistency.info.value = eventual
+music.cache = false
+music.session.max.inactive.interval.seconds = 1800
+music.serialize.compress = true
+
+#By default it's eventual
+music.atomic.get = false 
+music.atomic.put = true
+
+cassandra.host=portal.api.simpledemo.onap.org
+zookeeper.host=portal.api.simpledemo.onap.org
+cassandra.user=root
+cassandra.password=Aa123456
\ No newline at end of file
diff --git a/deliveries/properties_simpledemo/ONAPPORTAL/system.properties b/deliveries/properties_simpledemo/ONAPPORTAL/system.properties
index 865a6139..bee40fc6 100644
--- a/deliveries/properties_simpledemo/ONAPPORTAL/system.properties
+++ b/deliveries/properties_simpledemo/ONAPPORTAL/system.properties
@@ -13,7 +13,7 @@ hb.idle_connection_test_period = 3600
 
 app_display_name = Portal
 files_path = /tmp
-context_root = ECOMPPORTAL
+context_root = ONAPPORTAL
 # menu settings
 menu_query_name                      = menuData
 menu_properties_file_location        = /WEB-INF/fusion/menu/
@@ -46,8 +46,6 @@ sessiontimeout_feed_cron	  = 0 0/5 * * * ? *
 #Front end URL
 frontend_url                  = http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/applicationsHome 
 
-#cookie domain
-cookie_domain = onap.org
 
 # An Unqiue 128-bit value defined to indentify a specific version of
 # ECOMP Portal deployed on a specific virtual machine.
@@ -86,7 +84,7 @@ notification_update_duration = 900
 microservices.widget.protocol = http
 microservices.widget.hostname = portal-wms
 microservices.widget.username = widget_user
-microservices.widget.password = KpuqIB08YHg+btG+pjX+sA==
+microservices.widget.password = M+KcrCMVrR1rAxtiFE49n1uXC3FCkNBqFgeYsubEC/U=
 #This property won't be needed after consul is functional on VMs -
 microservices.widget.local.port = 8082
 microservices.m-learn.local.port = 8083
@@ -98,3 +96,15 @@ auditlog_del_day_from = 365
 
 #External system notification URL
 external_system_notification_url= https://jira.onap.org/browse/
+
+# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now)
+ext_central_access_user_name = m00468@portal.onap.org
+ext_central_access_password = ByC0BEX2v5+4HBv2GA4S+Mi2iML+GrGNJ5Gxo/V/iWM=
+ext_central_access_url = https://aaftest.test.onap.org:8095/proxy/authz/
+ext_central_access_user_domain = @csp.onap.org
+
+# External Central Auth system access
+remote_centralized_system_access = false
+
+#cookie domain
+cookie_domain = onag.org
diff --git a/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties b/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties
new file mode 100644
index 00000000..53fddee5
--- /dev/null
+++ b/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties
@@ -0,0 +1,20 @@
+music.version = v2
+music.keyspace = keyspaces
+music.session.keyspace = portalsdk
+music.tables = tables
+music.session.attr.tables = spring_session_attributes
+music.session.meta.tables = spring_session
+music.consistency.info = type
+music.consistency.info.value = eventual
+music.cache = false
+music.session.max.inactive.interval.seconds = 1800
+music.serialize.compress = true
+
+#By default it's eventual
+music.atomic.get = false 
+music.atomic.put = true
+
+cassandra.host=portal.api.simpledemo.onap.org
+zookeeper.host=portal.api.simpledemo.onap.org
+cassandra.user=root
+cassandra.password=Aa123456
\ No newline at end of file
diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml
index 320e77ad..7cdc7968 100644
--- a/ecomp-portal-BE-common/pom.xml
+++ b/ecomp-portal-BE-common/pom.xml
@@ -291,6 +291,12 @@
 			<groupId>org.elasticsearch</groupId>
 			<artifactId>elasticsearch</artifactId>
 			<version>2.2.0</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.lucene</groupId>
+					<artifactId>lucene-queryparser</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>io.searchbox</groupId>
@@ -441,6 +447,10 @@
 					<groupId>org.slf4j</groupId>
 					<artifactId>slf4j-log4j12</artifactId>
 				</exclusion>
+				<exclusion>
+					<groupId>org.apache.httpcomponents</groupId>
+					<artifactId>httpclient</artifactId>
+				</exclusion>	
 			</exclusions>
 		</dependency>
 		<dependency>
@@ -505,7 +515,7 @@
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
 			<artifactId>httpclient</artifactId>
-			<version>4.5.2</version>
+			<version>4.5.3</version>
 		</dependency>
 		<!-- for testing -->
 		<dependency>
@@ -578,7 +588,7 @@
 		<dependency>
 			<groupId>com.fasterxml.jackson.jaxrs</groupId>
 			<artifactId>jackson-jaxrs-json-provider</artifactId>
-			<version>2.9.2</version>
+			<version>2.8.10</version>
 		</dependency>
 		<dependency>
 			<groupId>org.glassfish.jersey.connectors</groupId>
@@ -601,6 +611,10 @@
              		<groupId>commons-beanutils</groupId>
              		<artifactId>commons-beanutils-core</artifactId>
             	 </exclusion>
+            	 <exclusion>
+             		<groupId>commons-httpclient</groupId>
+             		<artifactId>commons-httpclient</artifactId>
+            	 </exclusion>
               </exclusions>
         </dependency>
         <dependency>
@@ -643,7 +657,16 @@
 			<artifactId>logback-classic</artifactId>
 			<version>1.2.3</version>
 		</dependency>
-		
+		<dependency>
+    		<groupId>commons-collections</groupId>
+    		<artifactId>commons-collections</artifactId>
+    		<version>3.2.2</version>
+		</dependency>
+		<dependency>
+    		<groupId>xalan</groupId>
+    		<artifactId>xalan</artifactId>
+    		<version>2.7.2</version>
+		</dependency>
 		
 		
 	</dependencies>
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java
index e0232850..e8fb71a6 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java
@@ -37,6 +37,10 @@
  */
 package org.onap.portalapp.portal.controller;
 
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.UUID;
+
 import javax.servlet.http.HttpServletRequest;
 
 import org.slf4j.MDC;
@@ -45,6 +49,9 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+
+import com.att.eelf.configuration.Configuration;
+
 import org.onap.portalapp.controller.EPRestrictedBaseController;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
@@ -56,6 +63,7 @@ import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalsdk.core.domain.AuditLog;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.service.AuditService;
+import org.onap.portalsdk.core.util.SystemProperties;
 
 @RestController
 @RequestMapping("/portalApi/auditLog")
@@ -103,19 +111,34 @@ public class AuditLogController extends EPRestrictedBaseController {
 				AuditLog auditLog = new AuditLog();
 				auditLog.setActivityCode(cd_type);
 				/*
-				 * Check affectedAppId and comment and see if these two values are valid
+				 * Check affectedAppId and comment and see if these two values
+				 * are valid
 				 */
 				if (comment != null && !comment.equals("") && !comment.equals("undefined"))
-					auditLog.setComments(EcompPortalUtils.truncateString(comment, PortalConstants.AUDIT_LOG_COMMENT_SIZE));
+					auditLog.setComments(
+							EcompPortalUtils.truncateString(comment, PortalConstants.AUDIT_LOG_COMMENT_SIZE));
 				if (affectedAppId != null && !affectedAppId.equals("") && !affectedAppId.equals("undefined"))
 					auditLog.setAffectedRecordId(affectedAppId);
 				long userId = EPUserUtils.getUserId(request);
 				auditLog.setUserId(userId);
-				auditService.logActivity(auditLog, null);
-
-				// Log file
 				MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+				MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE);
+				MDC.put(Configuration.MDC_SERVICE_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
+				if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null) {
+					String requestId = UUID.randomUUID().toString();
+					MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId);
+				}
+				// Log file
 				MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+				SimpleDateFormat ecompLogDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSXXX");
+				String beginDateTime = MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
+				Date beginDate = ecompLogDateFormat.parse(beginDateTime);
+				auditService.logActivity(auditLog, null);
+				String endDateTime = MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
+				Date endDate = ecompLogDateFormat.parse(endDateTime);
+				String timeDifference = String.format("%d", endDate.getTime() - beginDate.getTime());
+				MDC.put(SystemProperties.MDC_TIMER, timeDifference);
+				MDC.put(EPCommonSystemProperties.STATUS_CODE, "COMPLETE");
 				logger.info(EELFLoggerDelegate.auditLogger, EPLogUtil.formatAuditLogMessage(
 						"AuditLogController.auditLog", cd_type, user.getOrgUserId(), affectedAppId, comment));
 				MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
@@ -123,6 +146,13 @@ public class AuditLogController extends EPRestrictedBaseController {
 			}
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "auditLog failed", e);
+			MDC.put(EPCommonSystemProperties.STATUS_CODE, "ERROR");
+		} finally{
+			MDC.remove(Configuration.MDC_SERVICE_NAME);
+			MDC.remove(EPCommonSystemProperties.PARTNER_NAME);
+			MDC.remove(SystemProperties.MDC_TIMER);
+			MDC.remove(Configuration.MDC_KEY_REQUEST_ID);
+			MDC.remove(EPCommonSystemProperties.STATUS_CODE);
 		}
 	}
 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java
index 4b364995..964ccb5b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java
@@ -273,19 +273,26 @@ public class DashboardController extends EPRestrictedBaseController {
 				auditLog.setUserId(user.getId());
 				auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_SEARCH);
 				auditLog.setComments(EcompPortalUtils.truncateString(searchString, PortalConstants.AUDIT_LOG_COMMENT_SIZE));
-				MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,EPEELFLoggerAdvice.getCurrentDateTimeUTC());		
+				MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,EPEELFLoggerAdvice.getCurrentDateTimeUTC());	
+				MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE);
+				MDC.put(com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
 				auditService.logActivity(auditLog, null);
 				MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+				
+				MDC.put(EPCommonSystemProperties.STATUS_CODE, "COMPLETE");
 				EcompPortalUtils.calculateDateTimeDifferenceForLog(MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
 				logger.info(EELFLoggerDelegate.auditLogger, EPLogUtil.formatAuditLogMessage("DashboardController.PortalRestResponse", 
 						EcompAuditLog.CD_ACTIVITY_SEARCH, user.getOrgUserId(), null, searchString));	
 				MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
 				MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
 				MDC.remove(SystemProperties.MDC_TIMER);
+				MDC.remove(EPCommonSystemProperties.STATUS_CODE);
 				return new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", results);
 			}
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "searchPortal failed", e);
+			MDC.put(EPCommonSystemProperties.STATUS_CODE, "ERROR");
+			MDC.remove(EPCommonSystemProperties.STATUS_CODE);
 			return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage() + " - check logs.",
 					new HashMap<String, List<SearchResultItem>>());
 		}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
index 1e955c8b..f846253f 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
@@ -209,10 +209,10 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
 	@ApiOperation(value = "Gets all role functions for an application for older version.", response = CentralRoleFunction.class, responseContainer="Json")
 	@RequestMapping(value = {
 			"/functions" }, method = RequestMethod.GET, produces = "application/json")
-	public List<RoleFunction> getRoleFunctionsList(HttpServletRequest request, HttpServletResponse response)
+	public List<CentralRoleFunction> getRoleFunctionsList(HttpServletRequest request, HttpServletResponse response)
 			throws Exception {
 		List<CentralV2RoleFunction> answer = null;
-		List<RoleFunction> roleFuncList = null;
+		List<CentralRoleFunction> roleFuncList = null;
 		logger.debug(EELFLoggerDelegate.debugLogger, "Request received for getRoleFunctionsList");
 		try {
 			fieldsValidation(request);
@@ -253,6 +253,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
 		logger.debug(EELFLoggerDelegate.debugLogger, "Request completed for getV2RoleFunctionsList");
 		return cenRoleFuncList;
 	}	
+	
 
 	@ApiOperation(value = "Gets role information for an application.", response = CentralRole.class, responseContainer="Json")
 	@RequestMapping(value = {
@@ -572,16 +573,32 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
 		return new PortalRestResponse<String>(PortalRestStatusEnum.OK, SUCCESSFULLY_DELETED, "Success");
 	}
 	
-	@ApiOperation(value = "Gets active roles for an application.", response = CentralV2Role.class, responseContainer = "Json")
+	@ApiOperation(value = "Gets active roles for an application.", response = CentralRole.class, responseContainer = "Json")
 	@RequestMapping(value = { "/activeRoles" }, method = RequestMethod.GET, produces = "application/json")
-	public  List<CentralV2Role> getActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception {
+	public  List<CentralRole> getActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception {
+		List<CentralRole> roles = null;
+		try {
+			fieldsValidation(request);
+			List<CentralV2Role> cenRoles= externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY));
+			roles = externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(cenRoles);
+		} catch (Exception e) {
+			sendErrorResponse(response, e);		
+			logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e);
+		}
+		return roles;
+		
+	}
+	
+	@ApiOperation(value = "Gets active roles for an application.", response = CentralV2Role.class, responseContainer = "Json")
+	@RequestMapping(value = { "/v1/activeRoles" }, method = RequestMethod.GET, produces = "application/json")
+	public  List<CentralV2Role> getV2ActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception {
 		List<CentralV2Role> cenRole = null;
 		try {
 			fieldsValidation(request);
 			cenRole = externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY));
 		} catch (Exception e) {
 			sendErrorResponse(response, e);		
-			logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e);
+			logger.error(EELFLoggerDelegate.errorLogger, "getV2ActiveRoles failed", e);
 		}
 		return cenRole;
 		
@@ -831,13 +848,12 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
 			@PathVariable("loginId") String loginId) throws Exception {
 		EcompUser user = null;
 		ObjectMapper mapper = new ObjectMapper();
-		CentralUser answer = null;
+		String answer = null;
 		try {
 			fieldsValidation(request);
-			answer = externalAccessRolesService.getUserRoles(loginId, request.getHeader(UEBKEY));
+			answer = externalAccessRolesService.getV2UserWithRoles(loginId, request.getHeader(UEBKEY));
 			if (answer != null) {
-				String res = mapper.writeValueAsString(answer);
-                User ecompUser = userservice.userMapper(res);
+                User ecompUser = userservice.userMapper(answer);
 				user = UserUtils.convertToEcompUser(ecompUser);
 			}
 		} catch (Exception e) {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
index 8f0558aa..dbea91f5 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
@@ -78,6 +78,7 @@ import org.onap.portalapp.portal.utils.PortalConstants;
 import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalsdk.core.domain.AuditLog;
 import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.RoleFunction;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.service.AuditService;
 import org.onap.portalsdk.core.util.SystemProperties;
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java
index c1127758..30795c0e 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java
@@ -38,6 +38,7 @@
 package org.onap.portalapp.portal.logging.aop;
 
 import java.net.InetAddress;
+import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.UUID;
@@ -104,7 +105,7 @@ public class EPEELFLoggerAdvice {
 		String className = "";
 		if (passOnArgs.length > 0 && passOnArgs[0] != null)
 			className = passOnArgs[0].toString();
-		String methodName = "";
+		String methodName = EPCommonSystemProperties.ECOMP_PORTAL_BE;
 		if (passOnArgs.length > 1 && passOnArgs[1] != null)
 			methodName = passOnArgs[1].toString();
 
@@ -112,7 +113,7 @@ public class EPEELFLoggerAdvice {
 		MDC.put(className + methodName + EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP, getCurrentDateTimeUTC());
 		MDC.put(EPCommonSystemProperties.TARGET_ENTITY, EPCommonSystemProperties.ECOMP_PORTAL_BE);
 		MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, methodName);
-		if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null || MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){
+		if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null||MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){
 			String requestId = UUID.randomUUID().toString();
 			MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId);
 		}
@@ -149,7 +150,7 @@ public class EPEELFLoggerAdvice {
 		if (passOnArgs.length > 0 && passOnArgs[0] != null)
 			className = passOnArgs[0].toString();
 		// Method Name
-		String methodName = "";
+		String methodName =  EPCommonSystemProperties.ECOMP_PORTAL_BE;
 		if (passOnArgs.length > 1 && passOnArgs[1] != null)
 			methodName = passOnArgs[1].toString();
 
@@ -160,6 +161,14 @@ public class EPEELFLoggerAdvice {
 		if (MDC.get(EPCommonSystemProperties.TARGET_ENTITY) == null
 				|| MDC.get(EPCommonSystemProperties.TARGET_ENTITY) == "")
 			MDC.put(EPCommonSystemProperties.TARGET_ENTITY, EPCommonSystemProperties.ECOMP_PORTAL_BE);
+		
+		if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null||MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){
+			String requestId = UUID.randomUUID().toString();
+			MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId);
+		}
+		MDC.put(EPCommonSystemProperties.PARTNER_NAME, "Unknown");
+		MDC.put(Configuration.MDC_SERVICE_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
+
 
 		MDC.put(EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP,
 				MDC.get(className + methodName + EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP));
@@ -173,7 +182,7 @@ public class EPEELFLoggerAdvice {
 		if (securityEventType != null && args.length > 0 && args[0] != null && args[0] instanceof HttpServletRequest
 				&& securityEventType == SecurityEventTypeEnum.INCOMING_REST_MESSAGE
 				&& (MDC.get(EPCommonSystemProperties.FULL_URL) == null
-				|| MDC.get(EPCommonSystemProperties.FULL_URL).isEmpty())) {
+						|| MDC.get(EPCommonSystemProperties.FULL_URL).isEmpty())) {
 			HttpServletRequest req = (HttpServletRequest) args[0];
 			this.setHttpRequestBasedDefaultsIntoGlobalLoggingContext(req, securityEventType, methodName);
 		}
@@ -308,13 +317,12 @@ public class EPEELFLoggerAdvice {
 				MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId);
 
 				// Load user agent into MDC context, if available.
-				String accessingClient = "Unknown";
-				accessingClient = req.getHeader(SystemProperties.USERAGENT_NAME);
+				String accessingClient = req.getHeader(SystemProperties.USERAGENT_NAME);
+				accessingClient = (accessingClient == null || accessingClient.trim().length()==0)?"Unknown":accessingClient;
 				if (accessingClient != null && accessingClient.trim().length()==0 && (accessingClient.contains("Mozilla")
 						|| accessingClient.contains("Chrome") || accessingClient.contains("Safari"))) {
 					accessingClient = EPCommonSystemProperties.ECOMP_PORTAL_FE;
-				}else if(accessingClient==null || accessingClient.isEmpty())
-					accessingClient = "Unknown";
+				}
 				MDC.put(EPCommonSystemProperties.PARTNER_NAME, accessingClient);
 
 				// Load loginId into MDC context.
@@ -333,7 +341,8 @@ public class EPEELFLoggerAdvice {
 				MDC.put(EPCommonSystemProperties.FULL_URL, EPCommonSystemProperties.UNKNOWN);
 				MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP);
 				restURL = UserUtils.getFullURL(req);
-				if (restURL != null && restURL != "") {
+				//if (restURL != null && restURL != "") {
+				if (restURL != null && restURL.trim().length()>0) {
 					MDC.put(EPCommonSystemProperties.FULL_URL, restURL);
 					if (restURL.toLowerCase().contains("https")) {
 						MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS);
@@ -341,9 +350,11 @@ public class EPEELFLoggerAdvice {
 				}
 
 				// Rest Path
-				MDC.put(Configuration.MDC_SERVICE_NAME, (restMethod==null || restMethod.isEmpty()) ? "Unknown" : restMethod);
+				MDC.put(Configuration.MDC_SERVICE_NAME, restMethod);
 				String restPath = req.getServletPath();
-				if (restPath != null && !restPath.isEmpty()) {
+				//if (restPath != null && restPath != "") {
+				if (restPath != null && restPath.trim().length()>0) {
+
 					MDC.put(Configuration.MDC_SERVICE_NAME, restPath);
 				}
 
@@ -360,7 +371,7 @@ public class EPEELFLoggerAdvice {
 				MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, "search");
 			}
 		} else {
-			MDC.put(Configuration.MDC_SERVICE_NAME, (restMethod==null || restMethod.isEmpty()) ? "Unknown" : restMethod);
+			MDC.put(Configuration.MDC_SERVICE_NAME, restMethod);
 			MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE);
 		}
 
@@ -398,4 +409,5 @@ public class EPEELFLoggerAdvice {
 	public String getInternalResponseCode() {
 		return MDC.get(EPCommonSystemProperties.RESPONSE_CODE);
 	}
+
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java
index 941acaf6..0e566a99 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java
@@ -193,7 +193,7 @@ public class EPLdapServiceImpl extends FusionService implements EPLdapService {
 				for (NamingEnumeration e = resultAttributes.getAll(); e.hasMore();) { // why the nested loop?
 					Attribute attribute = (Attribute) e.next();
 					for (NamingEnumeration ie = attribute.getAll(); ie.hasMore();) {
-						if (attribute.getID().equalsIgnoreCase("nickname")) {
+						if (attribute.getID().equalsIgnoreCase("givenName")) {
 							user.setFirstName((String) ie.next());
 						} else if (attribute.getID().equalsIgnoreCase("initials")) {
 							user.setMiddleInitial((String) ie.next());
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
index bcf806b2..2f72bab2 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
@@ -51,6 +51,7 @@ import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.domain.ExternalRoleDetails;
 import org.onap.portalapp.portal.exceptions.InvalidUserException;
 import org.onap.portalapp.portal.transport.CentralRole;
+import org.onap.portalapp.portal.transport.CentralRoleFunction;
 import org.onap.portalapp.portal.transport.CentralUser;
 import org.onap.portalapp.portal.transport.CentralV2Role;
 import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
@@ -132,11 +133,11 @@ public interface ExternalAccessRolesService {
 	CentralV2Role getRoleInfo(Long roleId, String uebkey) throws Exception;
 	
 	/**
-	 *  It returns the CentralRoleFunction object 
+	 *  It returns the CentralV2RoleFunction object 
 	 *   
 	 * @param functionCode
 	 * @param uebkey 
-	 * @return CentralRoleFunction
+	 * @return CentralV2RoleFunction
 	 * @throws Exception 
 	 */
 	public CentralV2RoleFunction getRoleFunction(String functionCode, String uebkey) throws Exception;
@@ -150,7 +151,7 @@ public interface ExternalAccessRolesService {
 	 * @throws Exception 
 	 */
 	public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp requestedApp) throws Exception;
-
+	
 	/**
 	 * It deletes role function in the DB
 	 * 
@@ -335,11 +336,11 @@ public interface ExternalAccessRolesService {
 	public  List<EPRole> getGlobalRolesOfPortal();
 	
 	/**
-	 * It converts list of CentralRoleFunction objects to RoleFunction objects
+	 * It converts list of CentralV2RoleFunction objects to older version of CentralRoleFunction objects
 	 * @param answer contains list of CentralRoleFunction objects
-	 * @return List of RoleFunction objects
+	 * @return List of CentralRoleFunction objects
 	 */
-	public List<RoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer);
+	public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer);
 	
 	/**
 	 * 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 39bd92d6..678672b1 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -107,6 +107,7 @@ import org.onap.portalsdk.core.domain.Role;
 import org.onap.portalsdk.core.domain.RoleFunction;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.restful.domain.EcompRole;
+import org.onap.portalsdk.core.restful.domain.EcompRoleFunction;
 import org.onap.portalsdk.core.restful.domain.EcompUser;
 import org.onap.portalsdk.core.service.DataAccessService;
 import org.onap.portalsdk.core.util.SystemProperties;
@@ -1324,8 +1325,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 						SortedSet<CentralV2RoleFunction> roleFunctionSet = new TreeSet<>();
 						for (CentralV2RoleFunction roleFunc : appRoleFunctionList) {
 							String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
+							String type = getFunctionCodeType(roleFunc.getCode());
+							String action = getFunctionCodeAction(roleFunc.getCode());
 							CentralV2RoleFunction cenRoleFunc = new CentralV2RoleFunction(roleFunc.getId(),
-									functionCode, roleFunc.getName(), null, null);
+									functionCode, roleFunc.getName(), null, type, action, null);
 							roleFunctionSet.add(cenRoleFunc);
 						}
 						Long userRoleId = null;
@@ -3080,79 +3083,116 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 	@Override
 	public List<String> getMenuFunctionsList(String uebkey) throws Exception {
 		List<String> appMenuFunctionsList = null;
+		List<String> appMenuFunctionsFinalList = new ArrayList<>();
 		try {
 			EPApp app = getApp(uebkey).get(0);
 			final Map<String, Long> appParams = new HashMap<>();
 			appParams.put(APP_ID, app.getId());
 			appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null);
+			for(String appMenuFunction : appMenuFunctionsList) {
+				if(appMenuFunction.contains(FUNCTION_PIPE)) {
+					appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction));
+				} else {
+					appMenuFunctionsFinalList.add(appMenuFunction);
+				}
+			}
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "getMenuFunctionsList: Failed", e);
-			return appMenuFunctionsList;
+			return appMenuFunctionsFinalList;
 		}
-		return appMenuFunctionsList;
+		return appMenuFunctionsFinalList;
 	}
 
 	@SuppressWarnings({ "unchecked"})
 	@Override
 	public List<EcompUser> getAllAppUsers(String uebkey) throws Exception {
 		List<String> usersList = new ArrayList<>();
-		List<EcompUser> usersfinalList = new ArrayList<>();
-		try {
-			EPApp app = getApp(uebkey).get(0);
-			final Map<String, Long> appParams = new HashMap<>();
-			appParams.put("appId", app.getId());
-			List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService
-					.executeNamedQuery("ApplicationUserRoles", appParams, null);
-			for (EcompUserRoles ecompUserRole : userList) {
-				boolean found = false;
-				Set<EcompRole> roles = null;
-				for (EcompUser user : usersfinalList) {
-					if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) {
-						EcompRole ecompRole = new EcompRole();
-						ecompRole.setId(ecompUserRole.getRoleId());
-						ecompRole.setName(ecompUserRole.getRoleName());
-						roles = user.getRoles();
-						roles.add(ecompRole);
-						user.setRoles(roles);
-						found = true;
-						break;
-					}
-				}
+        List<EcompUser> usersfinalList = new ArrayList<>();
+        try {
+               EPApp app = getApp(uebkey).get(0);
+               final Map<String, Long> appParams = new HashMap<>();
+               appParams.put("appId", app.getId());
+               List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService
+                            .executeNamedQuery("ApplicationUserRoles", appParams, null);
+               for (EcompUserRoles ecompUserRole : userList) {
+                     boolean found = false;
+                     Set<EcompRole> roles = null;
+                     for (EcompUser user : usersfinalList) {
+                            if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) {
+                                   EcompRole ecompRole = new EcompRole();
+                                   ecompRole.setId(ecompUserRole.getRoleId());
+                                   ecompRole.setName(ecompUserRole.getRoleName());
+                                   roles = user.getRoles();
+                                   EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny()
+                                                 .orElse(null);
+                                   SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+                                   if(role != null)
+                                   {
+                                          roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions();
+                                   }
+                                          
+                             String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
+                            functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+                            EcompRoleFunction epRoleFunction = new EcompRoleFunction();
+                            epRoleFunction.setName(ecompUserRole.getFunctionName());
+                            epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
+                            epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
+                            epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
+                            roleFunctionSet.add(epRoleFunction);
+                        ecompRole.setRoleFunctions(roleFunctionSet);
+                                   roles.add(ecompRole);
+                                   user.setRoles(roles);
+                                   found = true;
+                                   break;
+                            }
+                     }
+
+                     if (!found) {
+                            EcompUser epUser = new EcompUser();
+                            epUser.setOrgId(ecompUserRole.getOrgId());
+                            epUser.setManagerId(ecompUserRole.getManagerId());
+                            epUser.setFirstName(ecompUserRole.getFirstName());
+                            epUser.setLastName(ecompUserRole.getLastName());
+                            epUser.setPhone(ecompUserRole.getPhone());
+                            epUser.setEmail(ecompUserRole.getEmail());
+                            epUser.setOrgUserId(ecompUserRole.getOrgUserId());
+                            epUser.setOrgCode(ecompUserRole.getOrgCode());
+                            epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId());
+                            epUser.setJobTitle(ecompUserRole.getJobTitle());
+                            epUser.setLoginId(ecompUserRole.getLoginId());
+                            epUser.setActive(true);
+                            roles = new HashSet<>();
+                            EcompRole ecompRole = new EcompRole();
+                            ecompRole.setId(ecompUserRole.getRoleId());
+                            ecompRole.setName(ecompUserRole.getRoleName());
+              SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+              
+                            String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
+              functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+              EcompRoleFunction epRoleFunction = new EcompRoleFunction();
+              epRoleFunction.setName(ecompUserRole.getFunctionName());
+              epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
+              epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
+              epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
+              roleFunctionSet.add(epRoleFunction);
+              ecompRole.setRoleFunctions(roleFunctionSet);
+                            roles.add(ecompRole);
+                            epUser.setRoles(roles);
+                            usersfinalList.add(epUser);
+                     }
+               }
+               ObjectMapper mapper = new ObjectMapper();
+
+               for (EcompUser u1 : usersfinalList) {
+                     String str = mapper.writeValueAsString(u1);
+                     usersList.add(str);
+               }
+        } catch (Exception e) {
+               logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e);
+               throw e;
+        }
+        return usersfinalList;
 
-				if (!found) {
-					EcompUser epUser = new EcompUser();
-					epUser.setOrgId(ecompUserRole.getOrgId());
-					epUser.setManagerId(ecompUserRole.getManagerId());
-					epUser.setFirstName(ecompUserRole.getFirstName());
-					epUser.setLastName(ecompUserRole.getLastName());
-					epUser.setPhone(ecompUserRole.getPhone());
-					epUser.setEmail(ecompUserRole.getEmail());
-					epUser.setOrgUserId(ecompUserRole.getOrgUserId());
-					epUser.setOrgCode(ecompUserRole.getOrgCode());
-					epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId());
-					epUser.setJobTitle(ecompUserRole.getJobTitle());
-					epUser.setLoginId(ecompUserRole.getLoginId());
-					epUser.setActive(true);
-					roles = new HashSet<>();
-					EcompRole ecompRole = new EcompRole();
-					ecompRole.setId(ecompUserRole.getRoleId());
-					ecompRole.setName(ecompUserRole.getRoleName());
-					roles.add(ecompRole);
-					epUser.setRoles(roles);
-					usersfinalList.add(epUser);
-				}
-			}
-			ObjectMapper mapper = new ObjectMapper();
-
-			for (EcompUser u1 : usersfinalList) {
-				String str = mapper.writeValueAsString(u1);
-				usersList.add(str);
-			}
-		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e);
-			throw e;
-		}
-		return usersfinalList;
 	}
 	
 
@@ -3304,10 +3344,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 	}
 	
 	@Override
-	public List<RoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) {
-		List<RoleFunction> addRoleFuncList = new ArrayList<>();
+	public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) {
+		List<CentralRoleFunction> addRoleFuncList = new ArrayList<>();
 		for(CentralV2RoleFunction cenRoleFunc : answer){
-			RoleFunction setRoleFunc = new RoleFunction();
+			CentralRoleFunction setRoleFunc = new CentralRoleFunction();
 			setRoleFunc.setCode(cenRoleFunc.getCode());
 			setRoleFunc.setName(cenRoleFunc.getName());
 			addRoleFuncList.add(setRoleFunc);
@@ -3324,6 +3364,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 			sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User);
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "getUserRoles: failed", e);
+			throw e;
 		}
 		return sendUserRoles;
 	}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java
index dc1a78fe..7214f80a 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java
@@ -42,6 +42,8 @@ import java.util.Date;
 import java.util.SortedSet;
 import java.util.TreeSet;
 
+import org.onap.portalsdk.core.domain.RoleFunction;
+
 public class CentralRole implements Serializable {
 
 	private static final long serialVersionUID = -9210905386086213882L;
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java
index 6cc474a1..6d982c27 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java
@@ -248,4 +248,4 @@ public class CentralRoleFunction implements Serializable, Comparable {
 		return true;
 	}
 
-}
+}
\ No newline at end of file
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java
index 73409ede..a1d2ae30 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java
@@ -97,7 +97,27 @@ public class EcompUserRoles implements Serializable{
 	@Id
 	@Column(name = "active_yn")
 	private boolean active;
+	
+	@Id
+    @Column(name = "function_cd")
+    private String functionCode;
+    @Id
+    @Column(name = "function_name")
+    private String functionName;
+
  
+	public String getFunctionCode() {
+		return functionCode;
+	}
+	public void setFunctionCode(String functionCode) {
+		this.functionCode = functionCode;
+	}
+	public String getFunctionName() {
+		return functionName;
+	}
+	public void setFunctionName(String functionName) {
+		this.functionName = functionName;
+	}
 	public Long getOrgId() {
 		return orgId;
 	}
diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
index 5968b3ce..60174075 100644
--- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
+++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
@@ -2101,17 +2101,16 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
 	<sql-query name="ApplicationUserRoles">
 		<return alias="ApplicationUserRoles" class="org.onap.portalapp.portal.transport.EcompUserRoles" />
 		<![CDATA[ 
-		    select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, fu.login_id, 
-			fu.active_yn , fr.app_role_id, fr.role_name
-			from fn_user fu, fn_role fr, fn_user_role fur
-			where fu.user_id = fur.user_id and fu.active_yn='Y' and fur.role_id = fr.role_id and fr.app_id =:appId and fr.active_yn='Y'
-	     	union
-            select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, 
-            fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, 
-    		fu.login_id, fu.active_yn , fr.role_id, fr.role_name
-    		from fn_user_role a, fn_role fr, fn_user fu 
-    		where a.role_id in (select b.role_id from ep_app_role_function b where b.role_app_id = 1 and b.app_id =:appId) and a.user_id =fu.user_id and a.role_id = fr.role_id and fr.active_yn='Y' and fu.active_yn='Y'
-    		;
+		   select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, fu.login_id, 
+           fu.active_yn , fr.app_role_id, fr.role_name, epr.function_cd , epf.function_name
+           from fn_user fu, fn_role fr, fn_user_role fur, ep_app_role_function epr , ep_app_function epf
+           where fu.user_id = fur.user_id and fu.active_yn='Y' and fur.role_id = fr.role_id and fr.app_id =:appId and fr.active_yn='Y' and epr.function_cd= epf.function_cd and epf.app_id=epr.app_id and fur.role_id=epr.role_id
+           union
+           select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, 
+           fu.login_id, fu.active_yn , fr.role_id, fr.role_name, earf.function_cd , eaf.function_name
+           from fn_user_role a, fn_role fr, fn_user fu , ep_app_role_function earf, ep_app_function eaf
+           where a.role_id in (select b.role_id from ep_app_role_function b where b.role_app_id = 1 and b.app_id =:appId) and a.user_id =fu.user_id and a.role_id = fr.role_id and fr.active_yn='Y' and fu.active_yn='Y'
+           and earf.role_id = a.role_id and earf.function_cd = eaf.function_cd and earf.app_id = eaf.app_id  and earf.role_app_id = 1 and fr.active_yn='Y' and fu.active_yn='Y';
 		]]>
 	</sql-query>
 	
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
index 47a1394e..ecfd88f5 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
@@ -52,8 +52,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
+import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
 import org.mockito.Matchers;
 import org.mockito.Mock;
@@ -68,13 +68,25 @@ import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
 import org.onap.portalapp.portal.framework.MockitoTestSuite;
 import org.onap.portalapp.portal.service.ExternalAccessRolesService;
 import org.onap.portalapp.portal.service.ExternalAccessRolesServiceImpl;
+import org.onap.portalapp.portal.transport.CentralRole;
 import org.onap.portalapp.portal.transport.CentralRoleFunction;
 import org.onap.portalapp.portal.transport.CentralV2Role;
 import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
+import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
+import org.onap.portalapp.portal.utils.EcompPortalUtils;
+import org.onap.portalapp.portal.utils.PortalConstants;
 import org.onap.portalsdk.core.domain.AuditLog;
 import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.User;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.restful.domain.EcompUser;
-import org.springframework.beans.BeanUtils;
+import org.onap.portalsdk.core.service.AuditService;
+import org.onap.portalsdk.core.service.UserService;
+import org.onap.portalsdk.core.service.UserServiceCentalizedImpl;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.client.HttpClientErrorException;
@@ -82,6 +94,9 @@ import org.springframework.web.client.HttpClientErrorException;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
+@RunWith(PowerMockRunner.class)
+@PrepareForTest({ EcompPortalUtils.class, PortalConstants.class, SystemProperties.class,
+		EPCommonSystemProperties.class })
 public class ExternalAccessRolesControllerTest {
 
 	@Mock
@@ -89,6 +104,11 @@ public class ExternalAccessRolesControllerTest {
 
 	@InjectMocks
 	ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController();
+	@Mock
+	UserService userservice =  new UserServiceCentalizedImpl();
+	
+	@Mock
+	AuditService auditService; 
 
 	@Before
 	public void setup() {
@@ -234,20 +254,27 @@ public class ExternalAccessRolesControllerTest {
 
 	@Test
 	public void getRoleFunctionTest() throws Exception {
-		String reason = getInvalidKeyJson();
+		EPApp mockApp = mockApp();
+		mockApp.setCentralAuth(true);
+		List<EPApp> mockAppList = new ArrayList<>();
+		mockAppList.add(mockApp);
 		StringWriter sw = new StringWriter();
 		PrintWriter writer = new PrintWriter(sw);
 		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
-		CentralV2RoleFunction centralV2RoleFunction = new CentralV2RoleFunction();
-		CentralRoleFunction centralRoleFunction = new CentralRoleFunction();
+		CentralV2RoleFunction roleFunction1 = new CentralV2RoleFunction();
+		CentralRoleFunction roleFunction2 = new CentralRoleFunction();
+		roleFunction1.setCode("test2");
 		String code = "test_menu";
-		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader(uebKey)))
-				.thenReturn(centralV2RoleFunction);
+		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(mockAppList);
+		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
+		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(mockAppList.get(0))).thenReturn(response);
+		Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey")))
+				.thenReturn(roleFunction1);
 		CentralRoleFunction returnedValue = externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse, code);
-		BeanUtils.copyProperties(centralV2RoleFunction, centralRoleFunction, "type","action");
-		assertEquals(returnedValue,centralRoleFunction);
+		assertEquals(returnedValue, roleFunction2);
 		String result = sw.getBuffer().toString().trim();
-		assertEquals(reason, result);
+		assertEquals("", result);
 	}
 
 	@Test
@@ -319,19 +346,31 @@ public class ExternalAccessRolesControllerTest {
 	}
 
 	@Test
-	@Ignore
 	public void deleteRoleFunctionTest() throws Exception {
+		PowerMockito.mockStatic(EcompPortalUtils.class);
+		PowerMockito.mockStatic(SystemProperties.class);
+		PowerMockito.mockStatic(EPCommonSystemProperties.class);
+		PowerMockito.mockStatic(PortalConstants.class);
 		PortalRestResponse<String> portalRestResponse = null;
 		PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
 		expectedportalRestResponse.setMessage("Successfully Deleted");
 		expectedportalRestResponse.setResponse("Success");
 		PortalRestStatusEnum portalRestStatusEnum = null;
 		EPUser user = mockUser.mockEPUser();
+		List<EPUser> userList = new ArrayList<>();
+		userList.add(user);
 		EPApp app = mockApp();
+		app.setCentralAuth(true);
+		List<EPApp> appList  = new ArrayList<>();
+		appList.add(app);
 		expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
 		String code ="testNew";
-		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LOGIN_ID"))).thenReturn((List<EPUser>) user);
-		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("UEBKEY")).get(0)).thenReturn(app);
+		Mockito.when(mockedRequest.getHeader("LoginId")).thenReturn("guestT");
+		Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
+		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
+		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
+		Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
 		Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(code, app)).thenReturn(true);
 		portalRestResponse = externalAccessRolesController.deleteRoleFunction(mockedRequest, mockedResponse, code);
 		assertEquals(portalRestResponse, expectedportalRestResponse);
@@ -344,7 +383,7 @@ public class ExternalAccessRolesControllerTest {
 		PrintWriter writer = new PrintWriter(sw);
 		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
 		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(null);
-		List<CentralV2Role> expectedCenRole = externalAccessRolesController.getActiveRoles(mockedRequest, mockedResponse);
+		List<CentralRole> expectedCenRole = externalAccessRolesController.getActiveRoles(mockedRequest, mockedResponse);
 		assertNull(expectedCenRole);
 		String result = sw.getBuffer().toString().trim();
 		assertEquals(reason, result);
@@ -719,4 +758,106 @@ public class ExternalAccessRolesControllerTest {
 		PortalRestResponse<String> actualResponse = 	externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, (long)1);
 		assertEquals(actualResponse, null);
 	}
+	
+	@Test
+	public void getEpUserNullTest() throws Exception{
+		List<EPApp> applicationList = new ArrayList<EPApp>();
+		EPApp app = mockApp();
+		app.setUebKey("uebKey");
+		app.setCentralAuth(true);
+		applicationList.add(app);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
+		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
+		assertNull(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12"));
+	}
+	
+	@Test
+	public void getEpUserTest() throws Exception{
+		List<EPApp> applicationList = new ArrayList<EPApp>();
+		EPApp app = mockApp();
+		app.setUebKey("uebKey");
+		app.setCentralAuth(true);
+		applicationList.add(app);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
+		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
+       String user = "{\"id\":null,\"created\":null,\"modified\":null,\"createdId\":null,\"modifiedId\":null,\"rowNum\":null,\"auditUserId\":null,\"auditTrail\":null,\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"fax\":null,\"cellular\":null,\"email\":null,\"addressId\":null,\"alertMethodCd\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"address1\":null,\"address2\":null,\"city\":null,\"state\":null,\"zipCode\":null,\"country\":null,\"orgManagerUserId\":null,\"locationClli\":null,\"businessCountryCode\":null,\"businessCountryName\":null,\"businessUnit\":null,\"businessUnitName\":null,\"department\":null,\"departmentName\":null,\"companyCode\":null,\"company\":null,\"zipCodeSuffix\":null,\"jobTitle\":null,\"commandChain\":null,\"siloStatus\":null,\"costCenter\":null,\"financialLocCode\":null,\"loginId\":null,\"loginPwd\":null,\"lastLoginDate\":null,\"active\":false,\"internal\":false,\"selectedProfileId\":null,\"timeZoneId\":null,\"online\":false,\"chatId\":null,\"userApps\":[],\"pseudoRoles\":[],\"defaultUserApp\":null,\"roles\":[],\"fullName\":\"test null\"}";
+		Mockito.when(externalAccessRolesService.getV2UserWithRoles("test12", mockedRequest.getHeader(uebKey))).thenReturn(user);
+		User EPuser = new User();
+		EPuser.setFirstName("test");
+		Mockito.when(userservice.userMapper(user)).thenReturn(EPuser);
+		String res = "{\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"email\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"orgManagerUserId\":null,\"jobTitle\":null,\"loginId\":null,\"active\":false,\"roles\":[]}";
+		assertEquals(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12"),res);
+	}
+	
+	@Test
+	public void getEpUserExceptionTest() throws Exception{
+		List<EPApp> applicationList = new ArrayList<EPApp>();
+		EPApp app = mockApp();
+		app.setCentralAuth(true);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+		StringWriter sw = new StringWriter();
+		PrintWriter writer = new PrintWriter(sw);
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);	
+		assertNull(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12"));
+	}
+	
+	@Test
+	public void  getEPRolesOfApplicationTest() throws Exception
+	{
+		List<EPApp> applicationList = new ArrayList<EPApp>();
+		EPApp app = mockApp();
+		app.setUebKey("uebKey");
+		app.setCentralAuth(true);
+		applicationList.add(app);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
+		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
+		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
+		List<CentralV2Role> cenRoleList = new ArrayList<>();
+		CentralV2Role role = new CentralV2Role();
+		role.setName("test");
+		cenRoleList.add(role);
+		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(cenRoleList);
+		List<EcompRole> ecompRoles = new ArrayList<>();
+		EcompRole eprole = new EcompRole();
+		eprole.setName("test");
+		ecompRoles.add(eprole);
+		assertEquals(ecompRoles,externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
+	}	
+	@Test
+	public void  getEPRolesOfApplicationNullTest() throws Exception
+	{
+		List<EPApp> applicationList = new ArrayList<EPApp>();
+		EPApp app = mockApp();
+		app.setUebKey("uebKey");
+		app.setCentralAuth(true);
+		applicationList.add(app);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+		ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
+		Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
+		Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app);
+		List<CentralV2Role> cenRoleList = new ArrayList<>();
+		CentralV2Role role = new CentralV2Role();
+		role.setName("test");
+		cenRoleList.add(role);
+		Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(null);
+		assertNull(externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
+
+	}
+	
+	@Test
+	public void  getEPRolesOfApplicationExceptionTest() throws Exception
+	{
+		List<EPApp> applicationList = new ArrayList<EPApp>();
+		EPApp app = mockApp();
+		app.setCentralAuth(true);
+		Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+		StringWriter sw = new StringWriter();
+		PrintWriter writer = new PrintWriter(sw);
+		Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+		assertNull(externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse));
+
+	}
 }
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java
index 6f9ce496..ca94c8ce 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java
@@ -107,7 +107,7 @@ public class MicroserviceProxyControllerTest extends MockitoTestSuite {
 		Mockito.when(microserviceProxyService.proxyToDestination(1, user, mockedRequest))
 				.thenThrow(httpClientErrorException);
 		String acutualString = microserviceProxyController.getMicroserviceProxy(mockedRequest, getMockedResponse(), 1);
-		assertEquals("", acutualString);
+		assertTrue(acutualString.equals("{\"error\":\"\"}"));
 	}
 
 	@Test
@@ -139,6 +139,6 @@ public class MicroserviceProxyControllerTest extends MockitoTestSuite {
 				.thenThrow(httpClientErrorException);
 		String acutualString = microserviceProxyController.getMicroserviceProxyByWidgetId(mockedRequest,
 				getMockedResponse(), 1);
-		assertEquals("", acutualString);
+		assertTrue(acutualString.equals("{\"error\":\"\"}"));
 		}
 }
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java
index 172b9421..bb408b26 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java
@@ -114,7 +114,7 @@ import org.springframework.web.client.RestTemplate;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 @RunWith(PowerMockRunner.class)
-@PrepareForTest({ EcompPortalUtils.class, Criterion.class, Restrictions.class, SystemProperties.class,
+@PrepareForTest({ EcompPortalUtils.class, Criterion.class, EPUserUtils.class, Restrictions.class, SystemProperties.class,
 		EPCommonSystemProperties.class })
 public class ExternalAccessRolesServiceImplTest {
 	@Mock
@@ -717,6 +717,8 @@ public class ExternalAccessRolesServiceImplTest {
 	@SuppressWarnings("deprecation")
 	@Test
 	public void getAllAppUsersTest() throws Exception {
+		PowerMockito.mockStatic(EcompPortalUtils.class);
+		PowerMockito.mockStatic(EPUserUtils.class);
 		EPApp app = new EPApp();
 		app.setEnabled(true);
 		app.setId((long) 10);
@@ -737,13 +739,23 @@ public class ExternalAccessRolesServiceImplTest {
 		ecompUserRoles.setOrgUserId("guestT");
 		ecompUserRoles.setRoleId((long) 1);
 		ecompUserRoles.setRoleName("test");
+		ecompUserRoles.setFunctionCode("test_type|test_instance|test_action");
+		ecompUserRoles.setFunctionName("test1");
 		EcompUserRoles ecompUserRoles2 = new EcompUserRoles();
 		ecompUserRoles2.setOrgUserId("guestT");
 		ecompUserRoles2.setRoleId((long) 2);
 		ecompUserRoles2.setRoleName("test new");
+		ecompUserRoles2.setFunctionCode("test_instance2");
+		ecompUserRoles2.setFunctionName("test2");
 		userList.add(ecompUserRoles);
 		userList.add(ecompUserRoles2);
-		Mockito.when(dataAccessService.executeNamedQuery("ApplicationUserRoles", appParams, null)).thenReturn(userList);
+		Mockito.when(EcompPortalUtils.getFunctionCode(ecompUserRoles.getFunctionCode())).thenReturn("test_instance");
+        Mockito.when(EPUserUtils.decodeFunctionCode("test_instance")).thenReturn("test_instance");
+        Mockito.when(EcompPortalUtils.getFunctionCode(ecompUserRoles2.getFunctionCode())).thenReturn("test_instance2");
+        Mockito.when(EPUserUtils.decodeFunctionCode("test_instance2")).thenReturn("test_instance2");
+        Mockito.when(EcompPortalUtils.getFunctionType("test_type|test_instance|test_action")).thenReturn("test_type");
+        Mockito.when(EcompPortalUtils.getFunctionAction("test_type|test_instance|test_action")).thenReturn("test_action");
+        Mockito.when(dataAccessService.executeNamedQuery("ApplicationUserRoles", appParams, null)).thenReturn(userList);
 		List<EcompUser> usersfinalList = externalAccessRolesServiceImpl.getAllAppUsers(app.getUebKey());
 		assertEquals(usersfinalList.get(0).getRoles().size(), 2);
 	}
diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml
index 41722611..3eae6860 100644
--- a/ecomp-portal-BE-os/pom.xml
+++ b/ecomp-portal-BE-os/pom.xml
@@ -318,17 +318,17 @@
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-annotations</artifactId>
-			<version>2.9.2</version>
+			<version>2.8.10</version>
 		</dependency>
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-core</artifactId>
-			<version>2.9.2</version>
+			<version>2.8.10</version>
 		</dependency>
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-databind</artifactId>
-			<version>2.9.2</version>
+			<version>2.8.10</version>
 		</dependency>
 		<dependency>
 			<groupId>com.fasterxml</groupId>
@@ -346,6 +346,12 @@
 			<groupId>org.elasticsearch</groupId>
 			<artifactId>elasticsearch</artifactId>
 			<version>2.2.0</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.lucene</groupId>
+					<artifactId>lucene-queryparser</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>io.searchbox</groupId>
@@ -570,7 +576,7 @@
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
 			<artifactId>httpclient</artifactId>
-			<version>4.5.2</version>
+			<version>4.5.3</version>
 		</dependency>
 		<!-- for testing -->
 		<dependency>
@@ -645,6 +651,18 @@
 			<version>${jacocoVersion}</version>
 			<classifier>runtime</classifier>
 		</dependency>
+		<!-- Music -->
+		<dependency>
+			<groupId>org.onap.portal.sdk</groupId>
+			<artifactId>epsdk-music</artifactId>
+			<version>${epsdk.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.onap.music</groupId>
+					<artifactId>*</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
 	</dependencies>
 
 	<reporting>
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
index 06657301..c059a01c 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
@@ -61,6 +61,7 @@ import org.onap.portalapp.authentication.OpenIdConnectLoginStrategy;
 import org.onap.portalapp.authentication.SimpleLoginStrategy;
 import org.onap.portalapp.controller.core.LogoutController;
 import org.onap.portalapp.controller.core.SDKLoginController;
+import org.onap.portalapp.music.conf.MusicSessionConfig;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.domain.EPUserApp;
@@ -100,6 +101,7 @@ import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.ComponentScan.Filter;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.FilterType;
+import org.springframework.context.annotation.Import;
 import org.springframework.context.annotation.Profile;
 import org.springframework.scheduling.annotation.EnableAsync;
 import org.springframework.scheduling.annotation.EnableScheduling;
@@ -119,7 +121,7 @@ import com.google.gson.Gson;
 @Profile("src")
 @EnableAsync
 @EnableScheduling
-
+@Import({ MusicSessionConfig.class })
 public class ExternalAppConfig extends AppConfig implements Configurable {
 
 	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAppConfig.class);
diff --git a/ecomp-portal-BE-os/src/main/resources/cache.ccf b/ecomp-portal-BE-os/src/main/resources/cache.ccf
index d21404b0..5c1296ae 100644
--- a/ecomp-portal-BE-os/src/main/resources/cache.ccf
+++ b/ecomp-portal-BE-os/src/main/resources/cache.ccf
@@ -1,9 +1,9 @@
 # DEFAULT CACHE REGION
 jcs.default=DC
-jcs.default.cacheattributes=org.apache.jcs.engine.CompositeCacheAttributes
+jcs.default.cacheattributes=org.apache.commons.jcs.engine.CompositeCacheAttributes
 jcs.default.cacheattributes.MaxObjects=1000
-jcs.default.cacheattributes.MemoryCacheName=org.apache.jcs.engine.memory.lru.LRUMemoryCache
-jcs.default.elementattributes=org.apache.jcs.engine.ElementAttributes
+jcs.default.cacheattributes.MemoryCacheName=org.apache.commons.jcs.engine.memory.lru.LRUMemoryCache
+jcs.default.elementattributes=org.apache.commons.jcs.engine.ElementAttributes
 jcs.default.elementattributes.IsEternal=true
 jcs.default.elementattributes.IsSpool=true
 
@@ -13,18 +13,18 @@ jcs.default.elementattributes.IsSpool=true
 #jcs.default.cacheattributes.MaxMemoryIdleTimeSeconds=3600
 #jcs.default.cacheattributes.ShrinkerIntervalSeconds=60
 #jcs.default.cacheattributes.MaxSpoolPerRun=500
-#jcs.default.elementattributes=org.apache.jcs.engine.ElementAttributes
+#jcs.default.elementattributes=org.apache.commons.jcs.engine.ElementAttributes
 #jcs.default.elementattributes.IsEternal=false
 
 
 # AUXILLARY CACHE CONFIGURATION
-jcs.auxiliary.DC=org.apache.jcs.auxiliary.disk.indexed.IndexedDiskCacheFactory
-jcs.auxiliary.DC.attributes=org.apache.jcs.auxiliary.disk.indexed.IndexedDiskCacheAttributes
+jcs.auxiliary.DC=org.apache.commons.jcs.auxiliary.disk.indexed.IndexedDiskCacheFactory
+jcs.auxiliary.DC.attributes=org.apache.commons.jcs.auxiliary.disk.indexed.IndexedDiskCacheAttributes
 jcs.auxiliary.DC.attributes.DiskPath=/tmp
 
 
 # PRE-DEFINED REGION FOR LOOKUP DATA
 jcs.region.lookUpObjectCache=DC
-jcs.region.lookUpObjectCache.cacheattributes=org.apache.jcs.engine.CompositeCacheAttributes
+jcs.region.lookUpObjectCache.cacheattributes=org.apache.commons.jcs.engine.CompositeCacheAttributes
 jcs.region.lookUpObjectCache.cacheattributes.MaxObjects=4000
-jcs.region.lookUpObjectCache.cacheattributes.MemoryCacheName=org.apache.jcs.engine.memory.lru.LRUMemoryCache
+jcs.region.lookUpObjectCache.cacheattributes.MemoryCacheName=org.apache.commons.jcs.engine.memory.lru.LRUMemoryCache
diff --git a/ecomp-portal-BE-os/src/main/resources/music.properties b/ecomp-portal-BE-os/src/main/resources/music.properties
new file mode 100644
index 00000000..22d0a02d
--- /dev/null
+++ b/ecomp-portal-BE-os/src/main/resources/music.properties
@@ -0,0 +1,27 @@
+music.endpoint = http://vm-ep-dev4.research.att.com/MUSIC/rest/
+music.version = v2
+music.keyspace = keyspaces
+music.session.keyspace = test_session
+music.tables = tables
+music.session.attr.tables = spring_session_attributes
+music.session.meta.tables = spring_session
+music.rows = rows
+music.sesion.rows = 
+music.x.minor.version = 3
+music.x.patch.version = 0
+music.aid = 
+music.ns = com.att.ecomp.portal.demeter
+music.user.id = m00468@portal.ecomp.att.com
+music.password = friedG33nS-
+music.consistency.info = type
+music.consistency.info.value = eventual
+music.cache = false
+music.session.max.inactive.interval.seconds = 1800
+#By default it's eventual
+music.atomic.get = false 
+music.atomic.put = true
+
+cassandra.host=135.197.226.103
+zookeeper.host=135.197.226.103
+cassandra.user=cassandra
+cassandra.password=cassandra
\ No newline at end of file
diff --git a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml
index ee60d326..d31739f7 100644
--- a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml
+++ b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml
@@ -69,7 +69,16 @@
 	<listener>
     	<listener-class>org.onap.portalapp.portal.listener.UserSessionListener</listener-class>
   	</listener>
-  	  	
+	<filter>
+		<filter-name>springSessionRepositoryFilter</filter-name>
+		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>springSessionRepositoryFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+		<dispatcher>REQUEST</dispatcher>
+		<dispatcher>ERROR</dispatcher>
+	</filter-mapping>
   	<filter>
     	<filter-name>CorsFilter</filter-name>
 		<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
diff --git a/ecomp-portal-DB-common/portal.cql b/ecomp-portal-DB-common/portal.cql
new file mode 100644
index 00000000..6cb62713
--- /dev/null
+++ b/ecomp-portal-DB-common/portal.cql
@@ -0,0 +1,54 @@
+CREATE KEYSPACE IF NOT EXISTS portal
+    WITH REPLICATION = {
+        'class' : 'SimpleStrategy',
+        'replication_factor': 1
+    }
+    AND DURABLE_WRITES = true;
+ 
+
+CREATE TABLE portal.spring_session (
+    primary_id text PRIMARY KEY,
+    creation_time text,
+    expiry_time text,
+    last_access_time text,
+    max_inactive_interval text,
+    principal_name text,
+    session_id text,
+    vector_ts text
+) WITH bloom_filter_fp_chance = 0.01
+    AND caching = {'keys': 'ALL', 'rows_per_partition': '10'}
+    AND comment = ''
+    AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
+    AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
+    AND crc_check_chance = 1.0
+    AND dclocal_read_repair_chance = 0.1
+    AND default_time_to_live = 0
+    AND gc_grace_seconds = 864000
+    AND max_index_interval = 2048
+    AND memtable_flush_period_in_ms = 0
+    AND min_index_interval = 128
+    AND read_repair_chance = 0.0
+    AND speculative_retry = '99PERCENTILE';
+    
+  
+CREATE TABLE portal.spring_session_attributes (
+    primary_id text,
+    attribute_name text,
+    attribute_bytes blob,
+    vector_ts text,
+    PRIMARY KEY (primary_id, attribute_name)
+) WITH CLUSTERING ORDER BY (attribute_name ASC)
+    AND bloom_filter_fp_chance = 0.01
+    AND caching = {'keys': 'ALL', 'rows_per_partition': '1'}
+    AND comment = ''
+    AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
+    AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
+    AND crc_check_chance = 1.0
+    AND dclocal_read_repair_chance = 0.1
+    AND default_time_to_live = 0
+    AND gc_grace_seconds = 864000
+    AND max_index_interval = 2048
+    AND memtable_flush_period_in_ms = 0
+    AND min_index_interval = 128
+    AND read_repair_chance = 0.0
+    AND speculative_retry = '99PERCENTILE';  
diff --git a/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js b/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js
index 6475a83d..d06262b0 100644
--- a/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js
+++ b/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js
@@ -57,7 +57,9 @@ app.controller('roleCreateEditController',function($scope, conf, $http, $modalIn
 			var availableRoleFunction = $scope.roleFunctions[i];
 			availableRoleFunction.selected = false;
 			for(var j=0; j< $scope.role.roleFunctions.length; j++){
-				if($scope.roleFunctions[i].code === $scope.role.roleFunctions[j].code) {
+				if($scope.roleFunctions[i].code === $scope.role.roleFunctions[j].code
+						&& $scope.roleFunctions[i].type === $scope.role.roleFunctions[j].type
+						&& $scope.roleFunctions[i].action === $scope.role.roleFunctions[j].action) {
 					availableRoleFunction.selected = true;
 					console.log(availableRoleFunction.selected);
 				}
@@ -77,7 +79,9 @@ app.controller('roleCreateEditController',function($scope, conf, $http, $modalIn
 			if(!selected) {
 				for(var i=0; i<$scope.finalSelectedRoleFunctions.length; i++){
 					var availableRoleFunction = $scope.finalSelectedRoleFunctions[i];
-					if(availableRoleFunction.code == selectedRoleFunction.code){
+					if(availableRoleFunction.code == selectedRoleFunction.code
+							&& availableRoleFunction.type == selectedRoleFunction.type
+							&& availableRoleFunction.action == selectedRoleFunction.action){
 						$scope.finalSelectedRoleFunctions.splice(i, 1);
 					}
 				}					
diff --git a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.Json.details.controller.js b/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.Json.details.controller.js
deleted file mode 100644
index 11bc9b38..00000000
--- a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.Json.details.controller.js
+++ /dev/null
@@ -1,59 +0,0 @@
-/*-
- * ============LICENSE_START==========================================
- * ONAP Portal
- * ===================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ===================================================================
- *
- * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
- * you may not use this software except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *             http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Unless otherwise specified, all documentation contained herein is licensed
- * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- * you may not use this documentation except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *             https://creativecommons.org/licenses/by/4.0/
- *
- * Unless required by applicable law or agreed to in writing, documentation
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * ============LICENSE_END============================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- */
-'use strict';
-
-(function () {
-
-    class userNotificationCtrl {
-        constructor($scope,  ngDialog,items) {
-    		$scope.messageData=items.text;
-    		$scope.messageObject=items.messageObject;
-    		$scope.selectedAdminNotification=items.selectedAdminNotification;
-    		$scope.messageRecipients=items.messageRecipients;
-    		$scope.notifiHyperlink=function(ticket){
-     	    	window.open(ticket);
-    		}
-         }
-    }
-    userNotificationCtrl.$inject = ['$scope','ngDialog','items'];
-    angular.module('ecompApp').controller('userNotificationCtrl', userNotificationCtrl);
-})();
-
-
-
- 
diff --git a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.json.details.controller.js b/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.json.details.controller.js
deleted file mode 100644
index 11bc9b38..00000000
--- a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.json.details.controller.js
+++ /dev/null
@@ -1,59 +0,0 @@
-/*-
- * ============LICENSE_START==========================================
- * ONAP Portal
- * ===================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ===================================================================
- *
- * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
- * you may not use this software except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *             http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Unless otherwise specified, all documentation contained herein is licensed
- * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- * you may not use this documentation except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *             https://creativecommons.org/licenses/by/4.0/
- *
- * Unless required by applicable law or agreed to in writing, documentation
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * ============LICENSE_END============================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- */
-'use strict';
-
-(function () {
-
-    class userNotificationCtrl {
-        constructor($scope,  ngDialog,items) {
-    		$scope.messageData=items.text;
-    		$scope.messageObject=items.messageObject;
-    		$scope.selectedAdminNotification=items.selectedAdminNotification;
-    		$scope.messageRecipients=items.messageRecipients;
-    		$scope.notifiHyperlink=function(ticket){
-     	    	window.open(ticket);
-    		}
-         }
-    }
-    userNotificationCtrl.$inject = ['$scope','ngDialog','items'];
-    angular.module('ecompApp').controller('userNotificationCtrl', userNotificationCtrl);
-})();
-
-
-
- 
diff --git a/ecomp-portal-widget-ms/widget-ms/pom.xml b/ecomp-portal-widget-ms/widget-ms/pom.xml
index 16e0a75a..a3c5546e 100644
--- a/ecomp-portal-widget-ms/widget-ms/pom.xml
+++ b/ecomp-portal-widget-ms/widget-ms/pom.xml
@@ -142,6 +142,16 @@
     		<artifactId>tomcat-embed-core</artifactId>
     		<version>8.5.13</version>
 		</dependency>
+		<dependency>
+			<groupId>ch.qos.logback</groupId>
+			<artifactId>logback-core</artifactId>
+			<version>1.2.3</version>
+		</dependency>
+		<dependency>
+			<groupId>ch.qos.logback</groupId>
+			<artifactId>logback-classic</artifactId>
+			<version>1.2.3</version>
+		</dependency>
 	</dependencies>
 
 	<build>
diff --git a/pom.xml b/pom.xml
index 9f9306a9..c1b07e00 100644
--- a/pom.xml
+++ b/pom.xml
@@ -27,10 +27,10 @@
 	<properties>
 		<!-- Jenkins should invoke mvn with argument -Dbuild.number=${BUILD_NUMBER} -->
 		<build.number>0</build.number>
-		<epsdk.version>2.1.0</epsdk.version>
+		<epsdk.version>2.2.0-SNAPSHOT</epsdk.version>
 		<springframework.version>4.2.2.RELEASE</springframework.version>
 		<hibernate.version>4.3.11.Final</hibernate.version>
-		<fasterxml.version>2.9.2</fasterxml.version>
+		<fasterxml.version>2.8.10</fasterxml.version>
 		<eelf.version>1.0.0</eelf.version>
 		<!-- NOT provided by OParent, unfortunately -->
 		<jacocoVersion>0.7.6.201602180812</jacocoVersion>
@@ -38,6 +38,7 @@
 		<encoding>UTF-8</encoding>
 		<sonar.exclusions>**/scripts/**/*,**.js</sonar.exclusions>
 		<sonar.test.exclusions>**/test/**/*,**/tests/**/*</sonar.test.exclusions>
+		<enforcer.skip>true</enforcer.skip>
 	</properties>
 
 	<!-- Specify the repositories here to avoid coordination of ~/.m2/settings.xml