diff --git a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
index 8576d90..ce423de 100644
--- a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
+++ b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
@@ -6,6 +6,7 @@ import java.util.List;
 import javax.inject.Inject;
 import javax.jcr.Node;
+import javax.jcr.NodeIterator;
 import javax.jcr.security.AccessControlManager;
 import javax.jcr.security.Privilege;
 import javax.servlet.ServletContext;
@@ -90,7 +91,7 @@ public class GroupManager {
 @Path("")
 @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
 @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
- public String createGroup(@FormParam("group") String group){
+ public String createGroup(@FormParam("group") String group, @FormParam("accessType") AccessType accessType){
 JackrabbitSession session = null;
 String groupId = null;
@@ -102,7 +103,7 @@ public class GroupManager {
 Group createdGroup = usrManager.createGroup(group);
 groupId = createdGroup.getID();
- createVreFolder(groupId, session);
+ createVreFolder(groupId, session, accessType);
 session.save();
 }catch(Exception e) {
@@ -128,8 +129,8 @@ public class GroupManager {
 org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
 try {
- Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
- sharedRootNode.getNode(group).removeSharedSet();
+ Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
+ sharedRootNode.getNode(group).removeSharedSet();
 }catch (Exception e) {
 log.warn("vreFolder {} not found, removing only the group", group);
 }
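Review bot: The new `accessType` form parameter in the `createGroup` hunk (-90,7) is never checked before it is passed on through `createVreFolder(groupId, session, accessType)` (-102,7) and dereferenced as `defaultAccessType.getValue()` in the -276,6 hunk. A request that omits the field would presumably bind it to null, so the failure would surface only after `usrManager.createGroup(group)` has already run, and any enum value, including `AccessType.ADMINISTRATOR`, would be accepted as the privilege granted to the whole group. Reject the request at the top of the method, for example `if (accessType == null) throw new IllegalArgumentException("accessType is required");`, and limit the accepted values to the ones intended as a member default. The body of `createGroup` continues outside the hunk, so how the existing catch block reports this to the client still needs checking.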
@@ -169,17 +170,10 @@ public class GroupManager {
 String folderName = group.getPrincipal().getName();
 Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
 Node folder = sharedRootNode.getNode(folderName);
-
- AccessControlManager acm = session.getAccessControlManager();
- JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
- Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.WRITE_OWNER.getValue()) };
-
+
 String userPath = String.format("%s%s/%s",Utils.getWorkspacePath(user.getPrincipal().getName()).toPath(),Constants.VRE_FOLDER_PARENT_NAME, folderName);
 log.debug("creating folder in user path {}", userPath );
 session.getWorkspace().clone(session.getWorkspace().getName(), folder.getPath(),userPath , false);
-
- acls.addAccessControlEntry(user.getPrincipal(), usersPrivileges );
- acm.setPolicy(folder.getPath(), acls);
 session.save();
 }catch(Exception e) {
@@ -208,6 +202,20 @@ public class GroupManager {
 Group group = (Group)usrManager.getAuthorizable(groupId);
 User user = (User)usrManager.getAuthorizable(userId);
+ //delete folder on user
+ String folderName = group.getPrincipal().getName();
+ Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
+ Node folder = sharedRootNode.getNode(folderName);
+
+ NodeIterator ni = folder.getSharedSet();
+ while (ni.hasNext()) {
+ Node node = ni.nextNode();
+ if (node.getPath().startsWith(Utils.getWorkspacePath(user.getPrincipal().getName()).toPath())) {
+ node.removeShare();
+ break;
+ }
+ }
+
 success = group.removeMember(user);
 session.save();
@@ -256,7 +264,7 @@ public class GroupManager {
 return users;
 }
- private void createVreFolder(String groupId, JackrabbitSession session) throws Exception{
+ private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType) throws Exception{
 Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
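Review bot: In the -208,6 hunk the share to delete is selected with `node.getPath().startsWith(...)` against the user's workspace path, which is a prefix test: unless `toPath()` always ends with a separator, a share under a different workspace whose path merely begins with the same characters could match and be removed instead. The add-member code builds the exact location with `String.format("%s%s/%s", ...)`, so the removal could build the same `userPath` and test `if (node.getPath().equals(userPath))`. In addition, `sharedRootNode.getNode(folderName)` runs before `group.removeMember(user)`, so a missing folder would throw and leave the membership, and the group-level privilege that comes with it, in place; the group-delete path in this file tolerates a missing folder with a warning, and the same handling would fit here. The enclosing try block starts and ends outside the hunk.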
@@ -276,6 +284,10 @@ public class GroupManager {
 Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
 acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
+ Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(defaultAccessType.getValue()) };
+ acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session,groupId), usersPrivileges );
+ acm.setPolicy(folder.getPath(), acls);
+
 }
 }
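Review bot: The group-level entry added here is written only when a VRE folder is created, so folders of groups that existed before this change never receive it. Since the -169,17 hunk removes the per-user grant from the add-member path, a user added to such a group would presumably get the cloned folder without any privilege on it, while members added earlier keep their individual `WRITE_OWNER` entries even after they are removed from the group. Either migrate the existing folders to a group entry and drop the old per-user ones, or document the limitation above these lines, e.g. `// group ACE is set at creation only; folders created before this change still carry per-user ACEs`. `createVreFolder` starts outside the hunk, so whether `acm.setPolicy` was already called earlier in the method cannot be seen from here.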