diff --git a/pom.xml b/pom.xml
index 3a8e826..e63ca40 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,7 +12,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.gcube.data.access</groupId>
 	<artifactId>storagehub</artifactId>
-	<version>1.1.0</version>
+	<version>1.1.0-SNAPSHOT</version>
 	<name>storagehub</name>
 
 	<scm>
diff --git a/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java b/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
index a402499..016be27 100644
--- a/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
+++ b/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
@@ -1,7 +1,5 @@
 package org.gcube.data.access.storagehub;
 
-import org.apache.jackrabbit.api.security.user.Group;
-
 import javax.inject.Inject;
 import javax.inject.Singleton;
 import javax.jcr.Node;
@@ -13,6 +11,7 @@ import javax.jcr.security.Privilege;
 import org.apache.jackrabbit.api.JackrabbitSession;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
 import org.gcube.common.authorization.library.provider.AuthorizationProvider;
 import org.gcube.common.storagehub.model.Excludes;
@@ -26,9 +25,6 @@ import org.gcube.data.access.storagehub.handlers.Node2ItemConverter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import lombok.extern.java.Log;
-import lombok.extern.log4j.Log4j;
-
 @Singleton
 public class AuthorizationChecker {
 	
diff --git a/src/main/java/org/gcube/data/access/storagehub/Utils.java b/src/main/java/org/gcube/data/access/storagehub/Utils.java
index a09dbc0..0d4014c 100644
--- a/src/main/java/org/gcube/data/access/storagehub/Utils.java
+++ b/src/main/java/org/gcube/data/access/storagehub/Utils.java
@@ -36,6 +36,7 @@ import org.gcube.common.storagehub.model.Excludes;
 import org.gcube.common.storagehub.model.Paths;
 import org.gcube.common.storagehub.model.exceptions.BackendGenericError;
 import org.gcube.common.storagehub.model.exceptions.ItemLockedException;
+import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
 import org.gcube.common.storagehub.model.items.AbstractFileItem;
 import org.gcube.common.storagehub.model.items.ExternalLink;
 import org.gcube.common.storagehub.model.items.FolderItem;
@@ -110,16 +111,16 @@ public class Utils {
 	}
 
 
-	public static <T extends Item> List<T> serachByNameOnFolder(Session ses, Node parent, List<String> excludes, Range range, boolean showHidden, boolean excludeTrashed, Class<? extends Item> nodeTypeToInclude, String nameParam) throws RepositoryException, BackendGenericError{
+	public static <T extends Item> List<T> serachByNameOnFolder(Session ses, AuthorizationChecker authChecker, Node parent, List<String> excludes, Range range, boolean showHidden, boolean excludeTrashed, Class<? extends Item> nodeTypeToInclude, String nameParam) throws RepositoryException, BackendGenericError{
 		String xpath = String.format("/jcr:root%s//element(*,nthl:workspaceItem)[jcr:like(fn:lower-case(@jcr:title), '%s')]",ISO9075.encodePath(parent.getPath()), nameParam.toLowerCase());
 
 		//String query = String.format("SELECT * FROM [nthl:workspaceLeafItem] AS node WHERE ISDESCENDANTNODE('%s') ORDER BY node.[jcr:lastModified] DESC ",vreFolder.getPath());
-		logger.trace("query for search is {}",xpath);
-
+		logger.debug("query for search is {}",xpath);
+		long start = System.currentTimeMillis();
 		Query jcrQuery = ses.getWorkspace().getQueryManager().createQuery(xpath, Query.XPATH);
-
 		NodeIterator it =  jcrQuery.execute().getNodes();
-		return getItemListFromNodeIterator(parent, it, excludes, range, showHidden, excludeTrashed, nodeTypeToInclude);
+		logger.debug("[SEARCH] real search took {} millis",(System.currentTimeMillis()-start));
+		return getItemListFromNodeIterator(authChecker, it, excludes, range, showHidden, excludeTrashed, nodeTypeToInclude);
 	}
 	
 
@@ -131,7 +132,7 @@ public class Utils {
 		return getItemListFromNodeIterator(null, iterator, excludes, range, showHidden, false, nodeTypeToInclude);
 	}
 	
-	private static <T extends Item> List<T> getItemListFromNodeIterator(Node parent, NodeIterator iterator, List<String> excludes, Range range, boolean showHidden, boolean excludeTrashed, Class<? extends Item> nodeTypeToInclude) throws RepositoryException, BackendGenericError{
+	private static <T extends Item> List<T> getItemListFromNodeIterator(AuthorizationChecker authChecker, NodeIterator iterator, List<String> excludes, Range range, boolean showHidden, boolean excludeTrashed, Class<? extends Item> nodeTypeToInclude) throws RepositoryException, BackendGenericError{
 		List<T> returnList = new ArrayList<T>();
 		
 		logger.trace("nodeType is {}",nodeTypeToInclude);
@@ -141,15 +142,20 @@ public class Utils {
 		while (iterator.hasNext()){
 			Node current = iterator.nextNode();
 			
-			if (parent!=null && !current.getPath().startsWith(parent.getPath()))
-				continue;
+			logger.debug("[SEARCH] evaluating node {} ",current.hasProperty(NodeProperty.TITLE.toString())? current.getProperty(NodeProperty.TITLE.toString()):current.getName());
 			
-			logger.trace("current node "+current.getName());
-
+			//ECLUDES node not authorized, in case the indexes are not working
+			if (authChecker!=null)
+				try {
+					authChecker.checkReadAuthorizationControl(current.getSession(), current.getIdentifier());
+				} catch (UserNotAuthorizedException | BackendGenericError | RepositoryException e) {
+					continue;
+				}
+						
 			if (isToExclude(current, showHidden))
 				continue;
 
-			logger.trace("current node not excluded "+current.getName());
+			logger.debug("[SEARCH] current node not excluded {} ",current.hasProperty(NodeProperty.TITLE.toString())? current.getProperty(NodeProperty.TITLE.toString()):current.getName());
 
 			if (range==null || (count>=range.getStart() && returnList.size()<range.getLimit())) {
 				T item = node2Item.getFilteredItem(current, excludes, nodeTypeToInclude);
diff --git a/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java b/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java
index dca9e22..2ed4da6 100644
--- a/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java
+++ b/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java
@@ -324,7 +324,7 @@ public class ItemsManager {
 			log.debug("search for node {}",name);
 			ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
 			authChecker.checkReadAuthorizationControl(ses, id);
-			toReturn = Utils.serachByNameOnFolder(ses, ses.getNodeByIdentifier(id), excludes, null, showHidden==null?false:showHidden,excludeTrashed==true?false:excludeTrashed , nodeType!=null ? ClassHandler.instance().get(nodeType) : null, name);
+			toReturn = Utils.serachByNameOnFolder(ses, authChecker, ses.getNodeByIdentifier(id), excludes, null, showHidden==null?false:showHidden,excludeTrashed==true?false:excludeTrashed , nodeType!=null ? ClassHandler.instance().get(nodeType) : null, name);
 			log.debug("search retrieved {} elements",toReturn.size());
 		}catch (ItemNotFoundException e) {
 			log.error("id {} not found",id,e);
diff --git a/src/main/webapp/WEB-INF/README b/src/main/webapp/WEB-INF/README
index de3bef8..9b1f413 100644
--- a/src/main/webapp/WEB-INF/README
+++ b/src/main/webapp/WEB-INF/README
@@ -25,7 +25,7 @@ The projects leading to this software have received funding from a series of
 Version
 --------------------------------------------------
  
-1.1.0-SNAPSHOT (2020-03-16)
+1.1.0-SNAPSHOT (2020-03-17)
  
 Please see the file named "changelog.xml" in this directory for the release notes.
  
