diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AppsService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AppsService.java index 7ae37c15..8f99e439 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AppsService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AppsService.java @@ -31,12 +31,15 @@ import com.github.benmanes.caffeine.cache.Caffeine; @Repository public class AppsService extends JpaBaseService{ + //maxkey-mgt + public final static String MGT_APP_ID = "622076759805923328"; + + public final static String DETAIL_SUFFIX = "_detail"; - public final static String DETAIL_SUFFIX = "_detail"; protected final static Cache appsDetailsCacheStore = - Caffeine.newBuilder() - .expireAfterWrite(60, TimeUnit.MINUTES) - .build(); + Caffeine.newBuilder() + .expireAfterWrite(30, TimeUnit.MINUTES) + .build(); public AppsService() { super(AppsMapper.class); @@ -75,7 +78,8 @@ public class AppsService extends JpaBaseService{ return appDetails; } - public Apps loadAppById(String id) { + public Apps loadById(String id) { + id = id.equalsIgnoreCase("maxkey_mgt") ? MGT_APP_ID : id; Apps app = appsDetailsCacheStore.getIfPresent(id); if(app == null) { app = get(id); @@ -83,4 +87,5 @@ public class AppsService extends JpaBaseService{ } return app; } + } diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java index d6c41ca8..638ccf40 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java 
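Review bot: `appsDetailsCacheStore` has no comment saying how long a stale `Apps` record can keep being served, and this hunk shows no eviction on update or delete (those paths may exist elsewhere in the class). With `expireAfterWrite(30, TimeUnit.MINUTES)`, an application that is disabled or has its credential settings changed could still be returned from the cache for up to 30 minutes on this node. I would add above the field: `// Entries live 30 min after write; update/delete must invalidate the id, otherwise changes take up to 30 min to apply`. The same comment belongs on `clientDetailsCache` in JdbcClientDetailsService, where the identical 60-to-30 change is made.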
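Review bot: `id.equalsIgnoreCase("maxkey_mgt")` in the new `loadById` throws a NullPointerException when `id` is null, and the new call site in `AuthorizeBaseEndpoint.getApp` calls this method whenever `StringUtils.isBlank(id)` is true. Putting the literal first makes the alias check null-safe: `id = "maxkey_mgt".equalsIgnoreCase(id) ? MGT_APP_ID : id;`. A blank id should probably return null before the cache lookup, since Caffeine's `getIfPresent` rejects a null key. The body of `loadById` continues past this hunk, so whether a null result from `get(id)` is written into the cache cannot be seen here.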
@@ -20,6 +20,7 @@ */ package org.maxkey.authz.endpoint; +import org.apache.commons.lang3.StringUtils; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.entity.Accounts; @@ -42,9 +43,6 @@ import org.springframework.web.servlet.ModelAndView; public class AuthorizeBaseEndpoint { final static Logger _logger = LoggerFactory.getLogger(AuthorizeBaseEndpoint.class); - //maxkey-mgt - public final static String MGT_APP_ID = "622076759805923328"; - @Autowired @Qualifier("applicationConfig") protected ApplicationConfig applicationConfig; @@ -60,9 +58,8 @@ public class AuthorizeBaseEndpoint { protected Apps getApp(String id){ Apps app=(Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP); //session中为空或者id不一致重新加载 - if(app==null||!app.getId().equalsIgnoreCase(id)) { - id = id.equalsIgnoreCase("maxkey_mgt") ? MGT_APP_ID : id; - app=appsService.get(id); + if(StringUtils.isBlank(id) || !app.getId().equalsIgnoreCase(id)) { + app=appsService.loadById(id); WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP, app); } if(app == null){ 
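Review bot: The new condition `StringUtils.isBlank(id) || !app.getId().equalsIgnoreCase(id)` in `getApp` drops the old `app==null` check, so a request with a non-blank id and no `AUTHORIZE_SIGN_ON_APP` in the session dereferences a null `app` and fails with a NullPointerException. It also passes a blank id into `appsService.loadById(id)`, the one case where there is nothing to look up. If the intent is to reload only when a usable id differs from the app held in the session, the guard would be `if(StringUtils.isNotBlank(id) && (app==null || !app.getId().equalsIgnoreCase(id))) {`. The rest of `getApp`, including the `if(app == null)` branch, lies outside the hunk.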
@@ -75,36 +72,35 @@ public class AuthorizeBaseEndpoint { protected Accounts getAccounts(Apps app){ Accounts account=new Accounts(); UserInfo userInfo=WebContext.getUserInfo(); - Apps application= getApp(app.getId()); - if(application.getCredential()==Apps.CREDENTIALS.USER_DEFINED){ + Apps loadApp = getApp(app.getId()); + if(loadApp.getCredential()==Apps.CREDENTIALS.USER_DEFINED){ - account=accountsService.load(new Accounts(userInfo.getId(),application.getId())); + account=accountsService.load(new Accounts(userInfo.getId(),loadApp.getId())); if(account!=null){ account.setRelatedPassword(ReciprocalUtils.decoder(account.getRelatedPassword())); } - }else if(application.getCredential()==Apps.CREDENTIALS.SHARED){ + }else if(loadApp.getCredential()==Apps.CREDENTIALS.SHARED){ - account.setRelatedUsername(application.getSharedUsername()); - account.setRelatedPassword(ReciprocalUtils.decoder(application.getSharedPassword())); + account.setRelatedUsername(loadApp.getSharedUsername()); + account.setRelatedPassword(ReciprocalUtils.decoder(loadApp.getSharedPassword())); - }else if(application.getCredential()==Apps.CREDENTIALS.SYSTEM){ + }else if(loadApp.getCredential()==Apps.CREDENTIALS.SYSTEM){ - if(application.getSystemUserAttr().equalsIgnoreCase("userId")){ + if(loadApp.getSystemUserAttr().equalsIgnoreCase("userId")){ account.setUsername(userInfo.getId()); - }else if(application.getSystemUserAttr().equalsIgnoreCase("username")){ + }else if(loadApp.getSystemUserAttr().equalsIgnoreCase("username")){ account.setUsername(userInfo.getUsername()); - }else if(application.getSystemUserAttr().equalsIgnoreCase("employeeNumber")){ + }else if(loadApp.getSystemUserAttr().equalsIgnoreCase("employeeNumber")){ account.setUsername(userInfo.getEmployeeNumber()); - }else if(application.getSystemUserAttr().equalsIgnoreCase("email")){ + }else if(loadApp.getSystemUserAttr().equalsIgnoreCase("email")){ account.setUsername(userInfo.getEmail()); - }else 
if(application.getSystemUserAttr().equalsIgnoreCase("windowsAccount")){ + }else if(loadApp.getSystemUserAttr().equalsIgnoreCase("windowsAccount")){ account.setUsername(userInfo.getWindowsAccount()); } //decoder database stored encode password account.setRelatedPassword(ReciprocalUtils.decoder(WebContext.getUserInfo().getDecipherable())); - - }else if(application.getCredential()==Apps.CREDENTIALS.NONE){ + }else if(loadApp.getCredential()==Apps.CREDENTIALS.NONE){ account.setUsername(userInfo.getUsername()); account.setRelatedPassword(userInfo.getUsername()); diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java index 881cbf42..7df2bfb9 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java @@ -28,6 +28,8 @@ import org.maxkey.entity.apps.Apps; import org.maxkey.persistence.service.AppsCasDetailsService; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.PathVariable; @@ -44,6 +46,8 @@ import io.swagger.annotations.ApiOperation; @Api(tags = "1-2认证总地址文档模块") @Controller public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{ + final static Logger _logger = LoggerFactory.getLogger(AuthorizeEndpoint.class); + @Autowired AppsCasDetailsService casDetailsService; 
@@ -54,30 +58,29 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{ HttpServletRequest request, @PathVariable("id") String id){ ModelAndView modelAndView=null; - Apps application=getApp(id); - id = application.getId(); - WebContext.setAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID, application.getId()); + Apps app=getApp(id); + WebContext.setAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID, app.getId()); - if(application.getProtocol().equalsIgnoreCase(ConstantsProtocols.EXTEND_API)){ - modelAndView=WebContext.forward("/authz/api/"+id); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.FORMBASED)){ - modelAndView=WebContext.forward("/authz/formbased/"+id); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH20)){ - modelAndView=WebContext.forward("/authz/oauth/v20/"+application.getId()); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH21)){ - modelAndView=WebContext.redirect(application.getLoginUrl()); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.OPEN_ID_CONNECT10)){ - modelAndView=WebContext.forward("/authz/oauth/v20/"+application.getId()); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.SAML20)){ - modelAndView=WebContext.forward("/authz/saml20/idpinit/"+application.getId()); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.TOKENBASED)){ - modelAndView=WebContext.forward("/authz/tokenbased/"+id); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.CAS)){ - modelAndView=WebContext.forward("/authz/cas/"+id); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.JWT)){ - modelAndView=WebContext.forward("/authz/jwt/"+id); - }else if (application.getProtocol().equalsIgnoreCase(ConstantsProtocols.BASIC)){ - modelAndView=WebContext.redirect(application.getLoginUrl()); + if(app.getProtocol().equalsIgnoreCase(ConstantsProtocols.EXTEND_API)){ + 
modelAndView=WebContext.forward("/authz/api/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.FORMBASED)){ + modelAndView=WebContext.forward("/authz/formbased/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH20)){ + modelAndView=WebContext.forward("/authz/oauth/v20/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH21)){ + modelAndView=WebContext.redirect(app.getLoginUrl()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.OPEN_ID_CONNECT10)){ + modelAndView=WebContext.forward("/authz/oauth/v20/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.SAML20)){ + modelAndView=WebContext.forward("/authz/saml20/idpinit/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.TOKENBASED)){ + modelAndView=WebContext.forward("/authz/tokenbased/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.CAS)){ + modelAndView=WebContext.forward("/authz/cas/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.JWT)){ + modelAndView=WebContext.forward("/authz/jwt/"+app.getId()); + }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.BASIC)){ + modelAndView=WebContext.redirect(app.getLoginUrl()); } _logger.debug(modelAndView.getViewName()); diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java index ab865323..794a537f 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java 
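Review bot: `modelAndView` stays null when `app.getProtocol()` matches none of the `ConstantsProtocols` branches, and the `_logger.debug(modelAndView.getViewName())` line at the end of the hunk then throws a NullPointerException; the chain has no final `else`. `app` and `app.getProtocol()` are also dereferenced without a null check, and what `getApp` returns for an unknown id is not visible here. I would close the chain with an explicit branch such as `}else{ _logger.warn("unsupported protocol {} for app {}", app.getProtocol(), app.getId()); }` and call `getViewName()` only when `modelAndView` is non-null. The method's signature and its return statement are outside the hunk.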
@@ -60,7 +60,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg protected final static Cache clientDetailsCache = Caffeine.newBuilder() - .expireAfterWrite(60, TimeUnit.MINUTES) + .expireAfterWrite(30, TimeUnit.MINUTES) .maximumSize(200000) .build();