diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
index 093d38e6f..37b00ed53 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
@@ -69,8 +69,8 @@ public class ClientDetailsEntity implements ClientDetails {
     private String clientName = "";
     private String clientDescription = "";
     private boolean allowRefresh = false; // do we allow refresh tokens for this client?
-    private Integer accessTokenTimeout = 0; // in seconds
-    private Integer refreshTokenTimeout = 0; // in seconds
+    private Integer accessTokenValiditySeconds = 0; // in seconds
+    private Integer refreshTokenValiditySeconds = 0; // in seconds
     private String owner = ""; // userid of who registered it
     private Set<String> registeredRedirectUri = new HashSet<String>();
     private Set<String> resourceIds = new HashSet<String>();
@@ -272,35 +272,43 @@ public class ClientDetailsEntity implements ClientDetails {
     	this.allowRefresh = allowRefresh;
     }
 
-	/**
-     * @param accessTokenTimeout Lifetime of access tokens, in seconds (optional - leave null for no timeout)
-     */
+	@Override
 	@Basic
-    public Integer getAccessTokenTimeout() {
-    	return accessTokenTimeout;
-    }
-
+	public Integer getAccessTokenValiditySeconds() {
+		return accessTokenValiditySeconds;
+	}
+	
 	/**
      * @param accessTokenTimeout the accessTokenTimeout to set
      */
-    public void setAccessTokenTimeout(Integer accessTokenTimeout) {
-    	this.accessTokenTimeout = accessTokenTimeout;
+    public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
+    	this.accessTokenValiditySeconds = accessTokenValiditySeconds;
     }
 
-	/**
-     * @return the refreshTokenTimeout
-     */
+
+	@Override
 	@Basic
-    public Integer getRefreshTokenTimeout() {
-    	return refreshTokenTimeout;
-    }
-
+	public Integer getRefreshTokenValiditySeconds() {
+		return refreshTokenValiditySeconds;
+	}
+	
 	/**
      * @param refreshTokenTimeout Lifetime of refresh tokens, in seconds (optional - leave null for no timeout)
      */
-    public void setRefreshTokenTimeout(Integer refreshTokenTimeout) {
-    	this.refreshTokenTimeout = refreshTokenTimeout;
+    public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
+    	this.refreshTokenValiditySeconds = refreshTokenValiditySeconds;
     }
+	
+	//TODO: implement fully with db table or get removed from interface
+	@Override
+	@Transient
+	public Map<String, Object> getAdditionalInformation() {
+		return this.additionalInformation;
+	}
+	
+	public void setAdditionalInformation(Map<String, Object> map) {
+		this.additionalInformation = map;
+	}
 
 	/**
      * @return the owner
@@ -487,8 +495,8 @@ public class ClientDetailsEntity implements ClientDetails {
          * @param accessTokenTimeout
          * @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenTimeout(java.lang.Long)
          */
-        public ClientDetailsEntityBuilder setAccessTokenTimeout(int accessTokenTimeout) {
-	        instance.setAccessTokenTimeout(accessTokenTimeout);
+        public ClientDetailsEntityBuilder setAccessValiditySeconds(int accessTokenValiditySeconds) {
+	        instance.setAccessTokenValiditySeconds(accessTokenValiditySeconds);
 			return this;
         }
 
@@ -496,8 +504,8 @@ public class ClientDetailsEntity implements ClientDetails {
          * @param refreshTokenTimeout
          * @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenTimeout(java.lang.Long)
          */
-        public ClientDetailsEntityBuilder setRefreshTokenTimeout(int refreshTokenTimeout) {
-	        instance.setRefreshTokenTimeout(refreshTokenTimeout);
+        public ClientDetailsEntityBuilder setRefreshTokenValiditySeconds(int refreshTokenValiditySeconds) {
+	        instance.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds);
 			return this;
         }
 
@@ -538,28 +546,6 @@ public class ClientDetailsEntity implements ClientDetails {
 		
 	}
 
-	@Override
-	public int getAccessTokenValiditySeconds() {
-		return accessTokenTimeout;
-	}
-
-
-	@Override
-	public int getRefreshTokenValiditySeconds() {
-		return refreshTokenTimeout;
-	}
-
-	public void setAdditionalInformation(Map<String, Object> map) {
-		this.additionalInformation = map;
-	}
-	
-	//TODO: implement fully with db table or get removed from interface
-	@Override
-	@Transient
-	public Map<String, Object> getAdditionalInformation() {
-		return this.additionalInformation;
-	}
-
 /*	*//**
 	 * @return the contacts
 	 *//*
diff --git a/openid-connect-server/db/tables/clientdetails.sql b/openid-connect-server/db/tables/clientdetails.sql
index 73caed442..1ef99e17c 100644
--- a/openid-connect-server/db/tables/clientdetails.sql
+++ b/openid-connect-server/db/tables/clientdetails.sql
@@ -4,7 +4,7 @@ CREATE TABLE clientdetails (
 	clientName VARCHAR(256),
 	clientDescription VARCHAR(2000),
 	allowRefresh TINYINT,
-	accessTokenTimeout BIGINT,
-	refreshTokenTimeout BIGINT,
+	accessTokenValiditySeconds BIGINT,
+	refreshTokenValiditySeconds BIGINT,
 	owner VARCHAR(256)
 );
\ No newline at end of file
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
index 6e6fd33f5..2bb39f505 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
@@ -99,8 +99,8 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
 		client.setClientName(name);
 		client.setClientDescription(description);
 		client.setAllowRefresh(allowRefresh);
-		client.setAccessTokenTimeout(accessTokenTimeout);
-		client.setRefreshTokenTimeout(refreshTokenTimeout);
+		client.setAccessTokenValiditySeconds(accessTokenTimeout);
+		client.setRefreshTokenValiditySeconds(refreshTokenTimeout);
 		client.setResourceIds(resourceIds);
 		client.setOwner(owner);
 
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
index 1a65d6003..c61618e04 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
@@ -111,8 +111,8 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 
 		    // make it expire if necessary
 		    // TODO: pending upstream updates, check for 0 or -1 value here
-	    	if (client.getAccessTokenTimeout() != null && client.getAccessTokenTimeout() > 0) {
-	    		Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenTimeout() * 1000L));
+	    	if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
+	    		Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
 	    		token.setExpiration(expiration);
 	    	}
 		    
@@ -124,8 +124,8 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 	    		OAuth2RefreshTokenEntity refreshToken = refreshTokenFactory.createNewRefreshToken();
 	    		
 	    		// make it expire if necessary
-	    		if (client.getRefreshTokenTimeout() != null) {
-		    		Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenTimeout() * 1000L));
+	    		if (client.getRefreshTokenValiditySeconds() != null) {
+		    		Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
 		    		refreshToken.setExpiration(expiration);
 	    		}
 	    		
@@ -198,8 +198,8 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 	    
     	token.setClient(client);
     	
-    	if (client.getAccessTokenTimeout() != null) {
-    		Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenTimeout() * 1000L));
+    	if (client.getAccessTokenValiditySeconds() != null) {
+    		Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
     		token.setExpiration(expiration);
     	}
     	
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthClientAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthClientAPI.java
index 4f7711a1d..83d49b7a3 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthClientAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthClientAPI.java
@@ -188,8 +188,8 @@ public class OAuthClientAPI {
     	client.setClientName(name);
     	client.setClientDescription(description);
     	client.setAllowRefresh(allowRefresh);
-    	client.setAccessTokenTimeout(accessTokenTimeout);
-    	client.setRefreshTokenTimeout(refreshTokenTimeout);
+    	client.setAccessTokenValiditySeconds(accessTokenTimeout);
+    	client.setRefreshTokenValiditySeconds(refreshTokenTimeout);
     	client.setOwner(owner);		
     	
     	clientService.updateClient(client, client);
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
index 07608769f..cc822cbbd 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
@@ -55,10 +55,12 @@ public class UserInfoEndpoint {
 	/**
 	 * Get information about the user as specified in the accessToken->idToken included in this request
 	 * 
-	 * @param accessToken	the Access Token associated with this request
-	 * @param schema		the data schema to use, default is openid	
-	 * @param mav			the ModelAndView object associated with this request
-	 * @return				JSON or JWT response containing UserInfo data
+	 * @param accessToken						the Access Token associated with this request
+	 * @param schema							the data schema to use, default is openid	
+	 * @param mav								the ModelAndView object associated with this request
+	 * @return									JSON or JWT response containing UserInfo data
+	 * @throws UsernameNotFoundException		if the user does not exist or cannot be found
+	 * @throws UnknownUserInfoSchemaException	if an unknown schema is used
 	 */
 	@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST})
 	public ModelAndView getInfo(Principal p, @RequestParam("schema") String schema, ModelAndView mav) {
@@ -78,6 +80,11 @@ public class UserInfoEndpoint {
 		}
 		String userId = p.getName(); 
 		UserInfo userInfo = userInfoService.getByUserId(userId);
+		
+		if (userInfo == null) {
+			throw new UsernameNotFoundException("Invalid User"); 
+		}
+		
 		return new ModelAndView(viewName, "userInfo", userInfo);
 
 	}
diff --git a/spring-security-oauth b/spring-security-oauth
index 90b223a4b..2a3e2636d 160000
--- a/spring-security-oauth
+++ b/spring-security-oauth
@@ -1 +1 @@
-Subproject commit 90b223a4b0dc89cac723690da7b7dc9b360620e0
+Subproject commit 2a3e2636d0c85620fbd495b40c5ef8fe11a94eba