diff --git a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
index aca19aa..439c490 100644
--- a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
+++ b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
@@ -4,6 +4,7 @@ import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Objects;
 import javax.inject.Inject;
 import javax.jcr.Node;
@@ -211,7 +212,8 @@ public class GroupManager {
 JackrabbitSession session = null;
 try {
-
+ Objects.nonNull(groupId);
+ Objects.nonNull(userId);
 if (!isInfraManager() && !isValidGroupForContext(groupId) ) throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
@@ -224,6 +226,11 @@ public class GroupManager {
 Group group = (Group)usrManager.getAuthorizable(groupId);
 User authUser = (User)usrManager.getAuthorizable(userId);
+ if (group ==null)
+ throw new InvalidCallParameters("invalid group "+groupId);
+ if (authUser ==null)
+ throw new InvalidCallParameters("invalid user "+userId);
+
 if (!group.isMember(authUser)) throw new InvalidCallParameters("user "+userId+" is not in the group "+groupId);
@@ -239,7 +246,7 @@ public class GroupManager {
 }catch(StorageHubException she ){
 log.error(she.getErrorMessage(), she);
 GXOutboundErrorResponse.throwException(she, Response.Status.fromStatusCode(she.getStatus()));
- }catch(RepositoryException re ){
+ }catch(Throwable re ){
 log.error("adding admin to VREFolder", re);
 GXOutboundErrorResponse.throwException(new BackendGenericError("jcr error adding admin to VREFolder", re));
 } finally {
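Review bot: `Objects.nonNull(groupId);` and `Objects.nonNull(userId);` at the top of the try block (hunk -211,7) do nothing, because `Objects.nonNull` only returns a boolean and the result is discarded. A null id therefore still reaches `isValidGroupForContext(groupId)` and the authorization decision unvalidated. Reject it explicitly, e.g. `if (groupId == null || userId == null) throw new InvalidCallParameters("groupId and userId are required");`, which presumably goes through the existing StorageHubException handler as a client error. The same two calls are added in the hunk at -259,10 and need the same change. The enclosing method starts and ends outside the hunk.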
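Review bot: The added null checks in hunk -224,6 run after the casts `(Group)usrManager.getAuthorizable(groupId)` and `(User)usrManager.getAuthorizable(userId)`, so an id that resolves to the wrong kind of authorizable still fails with a ClassCastException rather than InvalidCallParameters. Read each result as `Authorizable` first and cast only after checking it, e.g. `if (a == null || !a.isGroup()) throw new InvalidCallParameters("invalid group "+groupId);`, with the mirrored check for the user. Without that, a caller-supplied id of the wrong type surfaces as a generic backend error instead of a rejected parameter. The surrounding method body continues outside the hunk.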
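Review bot: `}catch(Throwable re ){` in hunk -239,7 also traps `Error`s (OutOfMemoryError, StackOverflowError) and every runtime exception raised in the try block, and reports them all as "jcr error adding admin to VREFolder". That mislabels non-JCR failures in the log and in the response, and it lets the request continue after a condition the JVM may not recover from. Narrow it to `}catch(RepositoryException | RuntimeException re ){` and use a message that does not assert a JCR cause. The same widening is made in the hunk at -283,7, where the message "jcr error creating item" looks copied from another operation and may not match the method it sits in. The try block opens outside this hunk.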
@@ -259,10 +266,12 @@ public class GroupManager {
 JackrabbitSession session = null;
 try {
-
+ Objects.nonNull(groupId);
+ Objects.nonNull(userId);
+
 if (!isValidGroupForContext(groupId) && !isInfraManager()) throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
-
+
 session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
@@ -283,7 +292,7 @@ public class GroupManager {
 }catch(StorageHubException she ){
 log.error(she.getErrorMessage(), she);
 GXOutboundErrorResponse.throwException(she, Response.Status.fromStatusCode(she.getStatus()));
- }catch(RepositoryException re ){
+ }catch(Throwable re ){
 log.error("jcr error creating item", re);
 GXOutboundErrorResponse.throwException(new BackendGenericError("jcr error creating item", re));
 }finally {