diff --git a/iam-login-service/src/main/resources/application-voms-test.yml b/iam-login-service/src/main/resources/application-voms-test.yml
new file mode 100644
index 000000000..7f09ff4eb
--- /dev/null
+++ b/iam-login-service/src/main/resources/application-voms-test.yml
@@ -0,0 +1,46 @@
+#
+# Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+spring:
+  profiles:
+    include: mysql
+  datasource:
+    dataSourceClassName: com.mysql.jdbc.jdbc2.optional.MysqlDataSource
+    url: jdbc:mysql://${IAM_DB_HOST:dev.local.io}:${IAM_DB_PORT:3306}/${IAM_DB_NAME:iam}?useSSL=${IAM_DB_USE_SSL:false}
+    username: ${IAM_DB_USERNAME:iam}
+    password: ${IAM_DB_PASSWORD:pwd}
+    max-active: 5
+    min-idle: 1
+    max-idle:  1
+    initial-size: 2
+    test-while-idle: true
+    test-on-borrow: true
+    validation-query: SELECT 1
+    time-between-eviction-runs-millis: 5000
+    min-evictable-idle-time-millis: 5000
+     
+notification:
+  disable: true
+ 
+flyway:
+  locations:
+    - classpath:db/migration/mysql
+    - classpath:db/migration/voms-test
+
+management:
+  health:
+    mail:
+      enabled: false
diff --git a/iam-login-service/src/main/resources/logback-test.xml b/iam-login-service/src/main/resources/logback-test.xml
new file mode 100644
index 000000000..d5f1b6d2b
--- /dev/null
+++ b/iam-login-service/src/main/resources/logback-test.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+<configuration>
+  <include
+    resource="org/springframework/boot/logging/logback/base.xml" />
+
+  <logger name="org.springframework" level="OFF" />
+
+</configuration>
diff --git a/iam-persistence/pom.xml b/iam-persistence/pom.xml
index 7ccf173f6..308c28791 100644
--- a/iam-persistence/pom.xml
+++ b/iam-persistence/pom.xml
@@ -18,7 +18,7 @@
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  xsi:schemaLocation="http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <parent>
     <groupId>it.infn.mw</groupId>
diff --git a/iam-persistence/src/main/java/db/migration/h2/V23___CreateGroupManagerAuthorities.java b/iam-persistence/src/main/java/db/migration/h2/V23___CreateGroupManagerAuthorities.java
index d5c979315..643929b50 100644
--- a/iam-persistence/src/main/java/db/migration/h2/V23___CreateGroupManagerAuthorities.java
+++ b/iam-persistence/src/main/java/db/migration/h2/V23___CreateGroupManagerAuthorities.java
@@ -18,8 +18,8 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import db.migration.tasks.CreateGroupManagerAuthorities;
 import it.infn.mw.iam.persistence.migrations.BaseFlywayJavaMigrationAdapter;
+import it.infn.mw.iam.persistence.migrations.CreateGroupManagerAuthorities;
 
 /**
  * 
diff --git a/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java b/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java
index 1009fc2ed..bb7a247d6 100644
--- a/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java
+++ b/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java
@@ -18,8 +18,8 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import db.migration.tasks.RemoveOrphanTokens;
 import it.infn.mw.iam.persistence.migrations.BaseFlywayJavaMigrationAdapter;
+import it.infn.mw.iam.persistence.migrations.RemoveOrphanTokens;
 
 public class V34_2___RemoveOrphanTokens extends BaseFlywayJavaMigrationAdapter {
 
diff --git a/iam-persistence/src/main/java/db/migration/mysql/V23___CreateGroupManagerAuthorities.java b/iam-persistence/src/main/java/db/migration/mysql/V23___CreateGroupManagerAuthorities.java
index e46e1b3ac..bc9985fa6 100644
--- a/iam-persistence/src/main/java/db/migration/mysql/V23___CreateGroupManagerAuthorities.java
+++ b/iam-persistence/src/main/java/db/migration/mysql/V23___CreateGroupManagerAuthorities.java
@@ -20,8 +20,8 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import db.migration.tasks.CreateGroupManagerAuthorities;
 import it.infn.mw.iam.persistence.migrations.BaseFlywayJavaMigrationAdapter;
+import it.infn.mw.iam.persistence.migrations.CreateGroupManagerAuthorities;
 
 public class V23___CreateGroupManagerAuthorities extends BaseFlywayJavaMigrationAdapter {
 
diff --git a/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java b/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java
index fc4c74ebc..bcb8b4ec1 100644
--- a/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java
+++ b/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java
@@ -18,8 +18,8 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import db.migration.tasks.RemoveOrphanTokens;
 import it.infn.mw.iam.persistence.migrations.BaseFlywayJavaMigrationAdapter;
+import it.infn.mw.iam.persistence.migrations.RemoveOrphanTokens;
 
 public class V34_2___RemoveOrphanTokens extends BaseFlywayJavaMigrationAdapter {
 
diff --git a/iam-persistence/src/main/java/db/migration/test/V100000_1___CreateGroupManagerAuthorities.java b/iam-persistence/src/main/java/db/migration/test/V100000_1___CreateGroupManagerAuthorities.java
index 1a1bdd859..18f8a4d65 100644
--- a/iam-persistence/src/main/java/db/migration/test/V100000_1___CreateGroupManagerAuthorities.java
+++ b/iam-persistence/src/main/java/db/migration/test/V100000_1___CreateGroupManagerAuthorities.java
@@ -18,8 +18,8 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import db.migration.tasks.CreateGroupManagerAuthorities;
 import it.infn.mw.iam.persistence.migrations.BaseFlywayJavaMigrationAdapter;
+import it.infn.mw.iam.persistence.migrations.CreateGroupManagerAuthorities;
 
 public class V100000_1___CreateGroupManagerAuthorities extends BaseFlywayJavaMigrationAdapter {
 
diff --git a/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java b/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java
index 2d8d3c9fb..ec165431e 100644
--- a/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java
+++ b/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java
@@ -18,8 +18,8 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import db.migration.tasks.RemoveOrphanTokens;
 import it.infn.mw.iam.persistence.migrations.BaseFlywayJavaMigrationAdapter;
+import it.infn.mw.iam.persistence.migrations.RemoveOrphanTokens;
 
 public class V100000_3___RemoveOrphanTokens extends BaseFlywayJavaMigrationAdapter {
 
diff --git a/iam-persistence/src/main/java/db/migration/tasks/CreateGroupManagerAuthorities.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/CreateGroupManagerAuthorities.java
similarity index 94%
rename from iam-persistence/src/main/java/db/migration/tasks/CreateGroupManagerAuthorities.java
rename to iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/CreateGroupManagerAuthorities.java
index e87a990b6..b0c1402c6 100644
--- a/iam-persistence/src/main/java/db/migration/tasks/CreateGroupManagerAuthorities.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/CreateGroupManagerAuthorities.java
@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package db.migration.tasks;
+package it.infn.mw.iam.persistence.migrations;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -21,8 +21,6 @@
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.support.rowset.SqlRowSet;
 
-import it.infn.mw.iam.persistence.migrations.SpringJdbcFlywayMigration;
-
 public class CreateGroupManagerAuthorities implements SpringJdbcFlywayMigration {
 
   public static final Logger LOG = LoggerFactory.getLogger(CreateGroupManagerAuthorities.class);
diff --git a/iam-persistence/src/main/java/db/migration/tasks/RemoveOrphanTokens.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java
similarity index 95%
rename from iam-persistence/src/main/java/db/migration/tasks/RemoveOrphanTokens.java
rename to iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java
index 3100c999c..3d47227a4 100644
--- a/iam-persistence/src/main/java/db/migration/tasks/RemoveOrphanTokens.java
+++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java
@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2018
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -13,15 +13,13 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package db.migration.tasks;
+package it.infn.mw.iam.persistence.migrations;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import it.infn.mw.iam.persistence.migrations.SpringJdbcFlywayMigration;
-
 public class RemoveOrphanTokens implements SpringJdbcFlywayMigration {
 
   public static final Logger LOG = LoggerFactory.getLogger(RemoveOrphanTokens.class);
diff --git a/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql b/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql
new file mode 100644
index 000000000..f23ae847e
--- /dev/null
+++ b/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql
@@ -0,0 +1,81 @@
+INSERT INTO client_details (id, client_id, client_secret, client_name, dynamically_registered,
+  refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection,
+  token_endpoint_auth_method, require_auth_time) VALUES
+  (1, 'client', 'secret', 'Test Client', false, null, 3600, 600, true, 'SECRET_BASIC',false);
+  
+INSERT INTO client_scope (owner_id, scope) VALUES
+  (1, 'openid'),
+  (1, 'profile'),
+  (1, 'email'),
+  (1, 'address'),
+  (1, 'phone'),
+  (1, 'offline_access'),
+  (1, 'read-tasks'),
+  (1, 'write-tasks'),
+  (1, 'read:/'),
+  (1, 'write:/'),
+  (1, 'attr');
+
+INSERT INTO client_grant_type (owner_id, grant_type) VALUES
+  (1, 'authorization_code'),
+  (1, 'urn:ietf:params:oauth:grant_type:redelegate'),
+  (1, 'implicit'),
+  (1, 'refresh_token');
+    
+INSERT INTO iam_user_info(ID,GIVENNAME,FAMILYNAME, EMAIL, EMAILVERIFIED, BIRTHDATE, GENDER) VALUES
+(2, 'Test', 'User', 'test@iam.test', true, '1950-01-01','M');
+
+INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active) VALUES
+(2, '80e5fb8d-b7c8-451a-89ba-346ae278a66f', 'test', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 2, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true);
+
+INSERT INTO iam_oidc_id(issuer, subject, account_id) VALUES
+('https://accounts.google.com', '105440632287425289613', 2),
+('urn:test-oidc-issuer', 'test-user', 2);
+
+INSERT INTO iam_saml_id(idpid, attribute_id, userid, account_id) VALUES
+('https://idptestbed/idp/shibboleth', 'urn:oid:0.9.2342.19200300.100.1.3', 'andrea.ceccanti@example.org',2),
+('https://idptestbed/idp/shibboleth', 'urn:oid:1.3.6.1.4.1.5923.1.1.1.13', '78901@idptestbed',2);
+
+INSERT INTO iam_x509_cert(label,subject_dn,issuer_dn, is_primary,certificate,creation_time, last_update_time,account_id) VALUES
+('test0 cert', 'CN=test0,O=IGI,C=IT', 'CN=Test CA,O=IGI,C=IT',true, 
+'-----BEGIN CERTIFICATE-----
+MIIDnjCCAoagAwIBAgIBCTANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM
+MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTEyMDkyNjE1MzkzNFoX
+DTIyMDkyNDE1MzkzNFowKzELMAkGA1UEBhMCSVQxDDAKBgNVBAoTA0lHSTEOMAwG
+A1UEAxMFdGVzdDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKxtrw
+hoZ27SxxISjlRqWmBWB6U+N/xW2kS1uUfrQRav6auVtmtEW45J44VTi3WW6Y113R
+BwmS6oW+3lzyBBZVPqnhV9/VkTxLp83gGVVvHATgGgkjeTxIsOE+TkPKAoZJ/QFc
+CfPh3WdZ3ANI14WYkAM9VXsSbh2okCsWGa4o6pzt3Pt1zKkyO4PW0cBkletDImJK
+2vufuDVNm7Iz/y3/8pY8p3MoiwbF/PdSba7XQAxBWUJMoaleh8xy8HSROn7tF2al
+xoDLH4QWhp6UDn2rvOWseBqUMPXFjsUi1/rkw1oHAjMroTk5lL15GI0LGd5dTVop
+kKXFbTTYxSkPz1MLAgMBAAGjgcowgccwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
+fLdB5+jO9LyWN2/VCNYgMa0jvHEwDgYDVR0PAQH/BAQDAgXgMD4GA1UdJQQ3MDUG
+CCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBBggrBgEF
+BQcDBDAfBgNVHSMEGDAWgBSRdzZ7LrRp8yfqt/YIi0ojohFJxjAnBgNVHREEIDAe
+gRxhbmRyZWEuY2VjY2FudGlAY25hZi5pbmZuLml0MA0GCSqGSIb3DQEBBQUAA4IB
+AQANYtWXetheSeVpCfnId9TkKyKTAp8RahNZl4XFrWWn2S9We7ACK/G7u1DebJYx
+d8POo8ClscoXyTO2BzHHZLxauEKIzUv7g2GehI+SckfZdjFyRXjD0+wMGwzX7MDu
+SL3CG2aWsYpkBnj6BMlr0P3kZEMqV5t2+2Tj0+aXppBPVwzJwRhnrSJiO5WIZAZf
+49YhMn61sQIrepvhrKEUR4XVorH2Bj8ek1/iLlgcmFMBOds+PrehSRR8Gn0IjlEg
+C68EY6KPE+FKySuS7Ur7lTAjNdddfdAgKV6hJyST6/dx8ymIkb8nxCPnxCcT2I2N
+vDxcPMc/wmnMa+smNal0sJ6m
+-----END CERTIFICATE-----', 
+CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),2);
+
+
+INSERT INTO iam_account_authority(account_id, authority_id) VALUES
+(2,2);
+
+-- test groups
+INSERT INTO iam_group(id, parent_group_id, name, uuid, description, creationtime, lastupdatetime) VALUES
+(1, null, 'indigo-dc', 'ff8b5c1e-c0d2-40d1-8216-9896f2570077', 'indigo-dc root group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()),
+(2, 1, 'indigo-dc/subgroup', '28c829f0-9c16-43e7-82a0-ea893ec4fce5', 'indigo-dc subgroup', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()),
+(3, 1, 'indigo-dc/another-subgroup', 'e17ca24b-4772-4e64-a30e-49b394c91503', 'indigo-dc another-subgroup', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()),
+(4, 1, 'indigo-dc/production', 'e9dd63e1-af45-4691-99c4-2d2b5bf5d66a', 'indigo-dc production role', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()),
+(5, 2, 'indigo-dc/subgroup/production', '5bea3ff8-64a6-43a9-a1f5-3354587f68b9', 'indigo-dc subgroup production role', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()));
+
+-- test groups membership
+INSERT INTO iam_account_group(account_id, group_id) VALUES
+(2,1);
+
+
diff --git a/pom.xml b/pom.xml
index c5263210c..74c351e6e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,7 +2,7 @@
 
 <project xmlns="http://maven.apache.org/POM/4.0.0"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  xsi:schemaLocation="http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <parent>
     <groupId>org.springframework.boot</groupId>