diff --git a/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java b/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java
index 033824cbea..4fb25d2371 100644
--- a/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java
@@ -92,11 +92,7 @@ public class ConfigResourceTest {
   @Test
   @SubjectAware(username = "readWrite")
   public void shouldUpdateConfig() throws URISyntaxException, IOException {
-    URL url = Resources.getResource("sonia/scm/api/v2/config-test-update.json");
-    byte[] configJson = Resources.toByteArray(url);
-    MockHttpRequest request = MockHttpRequest.put("/" + ConfigResource.CONFIG_PATH_V2)
-      .contentType(VndMediaType.CONFIG)
-      .content(configJson);
+    MockHttpRequest request = post("sonia/scm/api/v2/config-test-update.json");
 
     MockHttpResponse response = new MockHttpResponse();
     dispatcher.invoke(request, response);
@@ -113,11 +109,7 @@ public class ConfigResourceTest {
   @Test
   @SubjectAware(username = "readOnly")
   public void shouldNotUpdateConfigWhenNotAuthorized() throws URISyntaxException, IOException {
-    URL url = Resources.getResource("sonia/scm/api/v2/config-test-update.json");
-    byte[] configJson = Resources.toByteArray(url);
-    MockHttpRequest request = MockHttpRequest.put("/" + ConfigResource.CONFIG_PATH_V2)
-      .contentType(VndMediaType.CONFIG)
-      .content(configJson);
+    MockHttpRequest request = post("sonia/scm/api/v2/config-test-update.json");
     MockHttpResponse response = new MockHttpResponse();
 
     thrown.expectMessage("Subject does not have permission [configuration:write:global]");
@@ -125,6 +117,36 @@ public class ConfigResourceTest {
     dispatcher.invoke(request, response);
   }
 
+  @Test
+  @SubjectAware(username = "readWrite")
+  public void shouldFailForEmptyAdminUsers() throws URISyntaxException, IOException {
+    MockHttpRequest request = post("sonia/scm/api/v2/config-test-empty-admin-user.json");
+
+    MockHttpResponse response = new MockHttpResponse();
+    dispatcher.invoke(request, response);
+
+    assertEquals(HttpServletResponse.SC_BAD_REQUEST, response.getStatus());
+  }
+
+  @Test
+  @SubjectAware(username = "readWrite")
+  public void shouldFailForEmptyAdminGroups() throws URISyntaxException, IOException {
+    MockHttpRequest request = post("sonia/scm/api/v2/config-test-empty-admin-group.json");
+
+    MockHttpResponse response = new MockHttpResponse();
+    dispatcher.invoke(request, response);
+
+    assertEquals(HttpServletResponse.SC_BAD_REQUEST, response.getStatus());
+  }
+
+  private MockHttpRequest post(String resourceName) throws IOException, URISyntaxException {
+    URL url = Resources.getResource(resourceName);
+    byte[] configJson = Resources.toByteArray(url);
+    return MockHttpRequest.put("/" + ConfigResource.CONFIG_PATH_V2)
+      .contentType(VndMediaType.CONFIG)
+      .content(configJson);
+  }
+
   private static ScmConfiguration createConfiguration() {
     ScmConfiguration scmConfiguration = new ScmConfiguration();
     scmConfiguration.setProxyPassword("heartOfGold");
diff --git a/scm-webapp/src/test/resources/sonia/scm/api/v2/config-test-empty-admin-group.json b/scm-webapp/src/test/resources/sonia/scm/api/v2/config-test-empty-admin-group.json
new file mode 100644
index 0000000000..f665c29ee7
--- /dev/null
+++ b/scm-webapp/src/test/resources/sonia/scm/api/v2/config-test-empty-admin-group.json
@@ -0,0 +1,3 @@
+{
+  "adminGroups": [""]
+}
diff --git a/scm-webapp/src/test/resources/sonia/scm/api/v2/config-test-empty-admin-user.json b/scm-webapp/src/test/resources/sonia/scm/api/v2/config-test-empty-admin-user.json
new file mode 100644
index 0000000000..61efcb1609
--- /dev/null
+++ b/scm-webapp/src/test/resources/sonia/scm/api/v2/config-test-empty-admin-user.json
@@ -0,0 +1,3 @@
+{
+  "adminUsers": [""]
+}