diff --git a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java
index 042cd981939921e4025f4c1657be61777ad05edb..d12fc441d495414ac8b4fa84b6df56af7750392f 100644
--- a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java
+++ b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java
@@ -71,11 +71,16 @@ package ca.nrc.cadc.ac.server.web.groups;
 import static org.easymock.EasyMock.createMock;
 import static org.junit.Assert.fail;
 
+import java.net.URI;
 import java.security.Principal;
+import java.util.UUID;
 
 import javax.security.auth.x500.X500Principal;
 
+import ca.nrc.cadc.ac.AC;
+import ca.nrc.cadc.ac.InternalID;
 import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.util.ObjectUtil;
 import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
 import org.easymock.EasyMock;
@@ -111,11 +116,14 @@ public class RemoveUserMemberActionTest
     {
         try
         {
+            User user = new User();
+            InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID()));
+            ObjectUtil.setField(user, internalID, "id");
+
             String userID = "cn=foo,c=ca";
             String userIDType = IdentityType.X500.getValue();
-            Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType);
-            User user = new User();
-            user.getIdentities().add(userPrincipal);
+            Principal x500Principal = AuthenticationUtil.createPrincipal(userID, userIDType);
+            user.getIdentities().add(x500Principal);
 
             Group group = new Group("group");
             User member = new User();
@@ -126,7 +134,7 @@ public class RemoveUserMemberActionTest
             EasyMock.expect(mockGroupPersistence.getGroup("group")).andReturn(group);
 
             final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class);
-            EasyMock.expect(mockUserPersistence.getUser(userPrincipal)).andReturn(user);
+            EasyMock.expect(mockUserPersistence.getAugmentedUser(x500Principal)).andReturn(user);
 
             EasyMock.replay(mockGroupPersistence, mockUserPersistence);
 
@@ -160,10 +168,13 @@ public class RemoveUserMemberActionTest
     {
         try
         {
+            User user = new User();
+            InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID()));
+            ObjectUtil.setField(user, internalID, "id");
+
             String userID = "cn=foo,c=ca";
             String userIDType = IdentityType.X500.getValue();
             Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType);
-            User user = new User();
             user.getIdentities().add(new X500Principal(userID));
             user.getIdentities().add(new HttpPrincipal("foo"));
 
@@ -176,7 +187,7 @@ public class RemoveUserMemberActionTest
             EasyMock.expectLastCall();
 
             final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class);
-            EasyMock.expect(mockUserPersistence.getUser(userPrincipal)).andReturn(user);
+            EasyMock.expect(mockUserPersistence.getAugmentedUser(userPrincipal)).andReturn(user);
 
             EasyMock.replay(mockGroupPersistence, mockUserPersistence);
 
diff --git a/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java b/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java
index 205d68ad80646b0e3610a8f397eacb5cdc6d5bd8..067d5ab6b8f24d430ff5b063b41b3c483c8e0822 100644
--- a/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java
+++ b/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java
@@ -108,16 +108,32 @@ public class UserClientTest
         try
         {
             new UserClient(null);
-            Assert.fail("Null base URL should throw an illegalArgumentException.");
+            Assert.fail("Null service URI should throw an illegalArgumentException.");
         }
         catch (IllegalArgumentException iae)
         {
-            Assert.assertTrue(iae.getMessage().contains("invalid serviceURI"));
+            Assert.assertTrue(iae.getMessage().contains("cannot be null"));
         }
         catch (Throwable t)
         {
         	Assert.fail("Unexpected exception: " + t.getMessage());
         }
+
+        // case 2: serviceURI with a fragment
+        try
+        {
+            URI uri = new URI("http://foo.com/bar?test#fragment");
+            new UserClient(uri);
+            Assert.fail("Service URI containing a fragment should throw an illegalArgumentException.");
+        }
+        catch (IllegalArgumentException iae)
+        {
+            Assert.assertTrue(iae.getMessage().contains("fragment not allowed"));
+        }
+        catch (Throwable t)
+        {
+            Assert.fail("Unexpected exception: " + t.getMessage());
+        }
     }
 
     @Test