diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
index a40f4bd67..64f33a01d 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -120,6 +120,39 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 'publicKey': filter.publicKey)
     }
 
+    void constructXmlNodeForFilter(EntityAttributesFilter filter, def markupBuilderDelegate) {
+        markupBuilderDelegate.MetadataFilter('xsi:type': 'EntityAttributes') {
+            // TODO: enhance. currently this does weird things with namespaces
+            filter.attributes.each { attribute ->
+                mkp.yieldUnescaped(openSamlObjects.marshalToXmlString(attribute, false))
+            }
+            if (filter.entityAttributesFilterTarget.entityAttributesFilterTargetType == EntityAttributesFilterTarget
+                    .EntityAttributesFilterTargetType.ENTITY) {
+                filter.entityAttributesFilterTarget.value.each {
+                    Entity(it)
+                }
+            }
+        }
+    }
+
+    void constructXmlNodeForFilter(EntityRoleWhiteListFilter filter, def markupBuilderDelegate) {
+        markupBuilderDelegate.MetadataFilter(
+                'xsi:type': 'EntityRoleWhiteList',
+                'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
+        ) {
+            filter.retainedRoles.each {
+                markupBuilderDelegate.RetainedRole(it)
+            }
+        }
+    }
+
+    void constructXmlNodeForFilter(RequiredValidUntilFilter filter, def markupBuilderDelegate) {
+        markupBuilderDelegate.MetadataFilter(
+                'xsi:type': 'RequiredValidUntil',
+                maxValidityInterval: filter.maxValidityInterval
+        )
+    }
+
     void constructXmlNodeForResolver(DynamicHttpMetadataResolver resolver, def markupBuilderDelegate, Closure childNodes) {
         markupBuilderDelegate.MetadataProvider(id: resolver.name,
                 'xsi:type': 'DynamicHttpMetadataProvider',
@@ -167,39 +200,6 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
         }
     }
 
-    void constructXmlNodeForFilter(EntityAttributesFilter filter, def markupBuilderDelegate) {
-        markupBuilderDelegate.MetadataFilter('xsi:type': 'EntityAttributes') {
-            // TODO: enhance. currently this does weird things with namespaces
-            filter.attributes.each { attribute ->
-                mkp.yieldUnescaped(openSamlObjects.marshalToXmlString(attribute, false))
-            }
-            if (filter.entityAttributesFilterTarget.entityAttributesFilterTargetType == EntityAttributesFilterTarget
-                    .EntityAttributesFilterTargetType.ENTITY) {
-                filter.entityAttributesFilterTarget.value.each {
-                    Entity(it)
-                }
-            }
-        }
-    }
-
-    void constructXmlNodeForFilter(EntityRoleWhiteListFilter filter, def markupBuilderDelegate) {
-        markupBuilderDelegate.MetadataFilter(
-                'xsi:type': 'EntityRoleWhiteList',
-                'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
-        ) {
-            filter.retainedRoles.each {
-                markupBuilderDelegate.RetainedRole(it)
-            }
-        }
-    }
-
-    void constructXmlNodeForFilter(RequiredValidUntilFilter filter, def markupBuilderDelegate) {
-        markupBuilderDelegate.MetadataFilter(
-                'xsi:type': 'RequiredValidUntil',
-                maxValidityInterval: filter.maxValidityInterval
-        )
-    }
-
     void constructXmlNodeForResolver(FileBackedHttpMetadataResolver resolver, def markupBuilderDelegate, Closure childNodes) {
         markupBuilderDelegate.MetadataProvider(id: resolver.name,
                 'xsi:type': 'FileBackedHTTPMetadataProvider',
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java
index 06c0bbe3e..1902c212b 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java
@@ -134,6 +134,8 @@ public ResponseEntity<?> update(@PathVariable String metadataResolverId,
         MetadataFilter persistedFilter =
                 convertIntoTransientRepresentationIfNecessary(persistedMr.getMetadataFilters().stream(), updatedFilter.getResourceId());
 
+        persistedFilter.setVersion(persistedFilter.hashCode());
+
         return ResponseEntity.ok().body(persistedFilter);
     }
 
@@ -170,7 +172,8 @@ else if(filterWithUpdatedData instanceof EntityRoleWhiteListFilter) {
             toFilter.setRemoveEmptyEntitiesDescriptors(fromFilter.getRemoveEmptyEntitiesDescriptors());
             toFilter.setRemoveRolelessEntityDescriptors(fromFilter.getRemoveRolelessEntityDescriptors());
             toFilter.setRetainedRoles(fromFilter.getRetainedRoles());
-        } else if (filterWithUpdatedData instanceof SignatureValidationFilter) {
+        }
+        else if (filterWithUpdatedData instanceof SignatureValidationFilter) {
             SignatureValidationFilter toFilter = SignatureValidationFilter.class.cast(filterToBeUpdated);
             SignatureValidationFilter fromFilter = SignatureValidationFilter.class.cast(filterWithUpdatedData);
             toFilter.setRequireSignedRoot(fromFilter.getRequireSignedRoot());
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy
index 43f031952..aeebeb8a0 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy
@@ -126,7 +126,6 @@ class MetadataFiltersControllerTests extends Specification {
     def "FilterController.create creates the desired filter (filterType: #filterType)"(String filterType) {
         given:
         def randomFilter = testObjectGenerator.buildRandomFilterOfType(filterType)
-        println('WOO! ' + randomFilter.class)
         def metadataResolver = new MetadataResolver()
         metadataResolver.setResourceId(randomGenerator.randomId())
         metadataResolver.setMetadataFilters(testObjectGenerator.buildAllTypesOfFilterList())
@@ -161,6 +160,7 @@ class MetadataFiltersControllerTests extends Specification {
             'entityAttributes'    | _
             'entityRoleWhiteList' | _
             'signatureValidation' | _
+            'requiredValidUntil'  | _
     }
 
     @Unroll
@@ -169,6 +169,7 @@ class MetadataFiltersControllerTests extends Specification {
         def originalFilter = testObjectGenerator.buildRandomFilterOfType(filterType)
         def updatedFilter = testObjectGenerator.copyOf(originalFilter)
         updatedFilter.name = 'Updated Filter'
+        updatedFilter.version = originalFilter.hashCode()
         def postedJsonBody = mapper.writeValueAsString(updatedFilter)
 
         def originalMetadataResolver = new MetadataResolver()
@@ -194,7 +195,9 @@ class MetadataFiltersControllerTests extends Specification {
 
         then:
         def expectedJson = new JsonSlurper().parseText(postedJsonBody)
-        updatedFilter.fromTransientRepresentation()
+        if (filterType == 'entityAttributes') {
+            EntityAttributesFilter.cast(updatedFilter).fromTransientRepresentation()
+        }
         expectedJson << [version: updatedFilter.hashCode()]
         result.andExpect(status().isOk())
                 .andExpect(content().json(JsonOutput.toJson(expectedJson), true))
@@ -204,6 +207,7 @@ class MetadataFiltersControllerTests extends Specification {
             'entityAttributes'    | _
             'entityRoleWhiteList' | _
             'signatureValidation' | _
+            'requiredValidUntil'  | _
     }
 
     def "FilterController.update filter 409's if the version numbers don't match"() {
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy
index 5d4e5f409..fe5be3277 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy
@@ -134,8 +134,11 @@ class TestObjectGenerator {
             case 'signatureValidation':
                 randomFilter = signatureValidationFilter()
                 break
+            case 'requiredValidUntil':
+                randomFilter = requiredValidUntilFilter()
+                break
             default:
-                randomFilter = new MetadataFilter()
+                throw new RuntimeException("Did you forget to create a TestObjectGenerator.copyOf method for filtertype: ${filterType} ?");
         }
         randomFilter
     }
@@ -179,6 +182,15 @@ class TestObjectGenerator {
         }
     }
 
+    RequiredValidUntilFilter copyOf(RequiredValidUntilFilter requiredValidUntilFilter) {
+        new RequiredValidUntilFilter().with {
+            it.name = requiredValidUntilFilter.name
+            it.resourceId = requiredValidUntilFilter.resourceId
+            it.maxValidityInterval = requiredValidUntilFilter.maxValidityInterval
+            it
+        }
+    }
+
     SignatureValidationFilter copyOf(SignatureValidationFilter signatureValidationFilter) {
         new SignatureValidationFilter().with {
             it.name = signatureValidationFilter.name