diff --git a/build.gradle b/build.gradle
index e9b0830f..516cd5fe 100644
--- a/build.gradle
+++ b/build.gradle
@@ -147,7 +147,7 @@ subprojects {
          compile group: 'org.apache.httpcomponents', name: 'httpcore', version: '4.4.10'
          compile group: 'org.apache.velocity', name: 'velocity', version: '1.7'
          compile group: 'velocity', name: 'velocity-dep', version: '1.4'
-         compile group: 'org.freemarker', name: 'freemarker', version: '2.3.28'
+         compile group: 'org.freemarker', name: 'freemarker', version: '2.3.29'
          compile group: 'org.apache.commons', name: 'not-yet-commons-ssl', version: '0.3.9'
 		//logs
          compile group: 'org.apache.logging.log4j', name: 'log4j-1.2-api', version: "${log4jVersion}"
diff --git a/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java b/maxkey-core/src/main/java/org/maxkey/web/ImageEndpoint.java
similarity index 97%
rename from maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
rename to maxkey-core/src/main/java/org/maxkey/web/ImageEndpoint.java
index 02028e81..b31c8cd3 100644
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/ImageEndpoint.java
@@ -1,4 +1,4 @@
-package org.maxkey.web.endpoint;
+package org.maxkey.web;
 
 import java.awt.image.BufferedImage;
 import java.io.ByteArrayInputStream;
@@ -52,7 +52,7 @@ public class ImageEndpoint {
             response.setContentType("image/jpeg");
             // create the text for the image
             String capText = captchaProducer.createText();
-            _logger.debug("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
+            _logger.trace("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
             // store the text in the session
             request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
             // create the image with the text
diff --git a/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java b/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
index 5e761641..1a8aef9b 100644
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
@@ -3,8 +3,6 @@ package org.maxkey.web.endpoint;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
diff --git a/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java b/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
index b7b80a76..cf475aed 100644
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
@@ -36,10 +36,11 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
 	 */
 	@Override
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
-		 _logger.debug("PermissionAdapter preHandle");
+		 _logger.trace("PermissionAdapter preHandle");
 		
 		//判断用户是否登录
 		if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色，判断用户是否登录用户
+			_logger.trace("No Authentication ... forward to /login");
 			RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
 			dispatcher.forward(request, response);
 			return false;
diff --git a/maxkey-web-manage/src/main/resources/application.properties b/maxkey-web-manage/src/main/resources/application.properties
index 9eecebdd..93275b76 100644
--- a/maxkey-web-manage/src/main/resources/application.properties
+++ b/maxkey-web-manage/src/main/resources/application.properties
@@ -5,6 +5,9 @@ server.port=9521
 #web app context path
 server.servlet.context-path=/maxkey-mgt
 
+application.name=MaxKey-Mgt
+application.formatted-version=v1.1 GA
+
 #for freemarker
 spring.freemarker.template-loader-path=classpath:/templates/views
 spring.freemarker.cache=false
diff --git a/maxkey-web-manage/src/main/resources/banner.txt b/maxkey-web-manage/src/main/resources/banner.txt
new file mode 100644
index 00000000..34211c3a
--- /dev/null
+++ b/maxkey-web-manage/src/main/resources/banner.txt
@@ -0,0 +1,7 @@
+   __  ___           __ __        
+  /  |/  /__ ___ __ / //_/__ __ __
+ / /|_/ / _ `/\ \ // ,< / -_) // /
+/_/  /_/\_,_//_\_\/_/|_|\__/\_, / 
+                           /___/  
+                              ${application.formatted-version} 
+ :: Spring Boot ::          ${spring-boot.formatted-version}
\ No newline at end of file
diff --git a/maxkey-web-manage/src/main/resources/log4j2.xml b/maxkey-web-manage/src/main/resources/log4j2.xml
index 09399541..2ac6eab4 100644
--- a/maxkey-web-manage/src/main/resources/log4j2.xml
+++ b/maxkey-web-manage/src/main/resources/log4j2.xml
@@ -1,5 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>  
-<configuration status="INFO" monitorInterval="300">  
+<!--DOCTYPE log4j:configuration SYSTEM "log4j.dtd" -->
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"
+	 status="INFO"  monitorInterval="300"
+>   
     <appenders>  
     	
         <Console name="consolePrint" target="SYSTEM_OUT">  
@@ -31,4 +34,4 @@
             <appender-ref ref="RollingFile" /> 
         </root>  
     </loggers>  
-</configuration>
\ No newline at end of file
+</log4j:configuration>
\ No newline at end of file
diff --git a/maxkey-web-manage/src/main/resources/spring/maxkey-mgt-security.xml b/maxkey-web-manage/src/main/resources/spring/maxkey-mgt-security.xml
index 49ead5b8..a297a77b 100644
--- a/maxkey-web-manage/src/main/resources/spring/maxkey-mgt-security.xml
+++ b/maxkey-web-manage/src/main/resources/spring/maxkey-mgt-security.xml
@@ -58,25 +58,18 @@
 	<mvc:interceptors>
 		<!-- web Controller InterceptorAdapter for platform permission  -->
 		<mvc:interceptor>
-			<!-- for index -->
-			<mvc:mapping path="/index/*" />
-			<!-- for System -->
-			<mvc:mapping path="/menus/*" />
-			<mvc:mapping path="/roles/*" />
-			<mvc:mapping path="/logs/*" />
-			<mvc:mapping path="/userinfo/*" />
-			<mvc:mapping path="/relyingparty/*" />
-			<mvc:mapping path="/sysconfig/*" />
+			<mvc:mapping path="/main*/**" />
+			<mvc:mapping path="/main*/**" />
+			<mvc:mapping path="/orgs*/**" />
+			<mvc:mapping path="/userinfo*/**" />
+			<mvc:mapping path="/apps*/**" />
+			<mvc:mapping path="/app*/**" />
+			<mvc:mapping path="/groups*/**" />
+			<mvc:mapping path="/groupMember*/**" />
+			<mvc:mapping path="/groupPrivileges*/**" />
+			<mvc:mapping path="/config*/**" />
+			<mvc:mapping path="/logs*/**" />
 			
-			<mvc:mapping path="/roles/*"/>
-			<mvc:mapping path="/applications/*"/>
-			<mvc:mapping path="/approles/*"/>
-			
-			<mvc:mapping path="/users/*" />
-			<mvc:mapping path="/enterprises/*" />
-			<mvc:mapping path="/employees/*" />
-			<mvc:mapping path="/authInfo/*" />
-			<mvc:mapping path="/usercenter/*"/>
 			<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
 		</mvc:interceptor>	
 		<!-- web Controller InterceptorAdapter for platform log  -->
diff --git a/maxkey-web-manage/src/main/resources/templates/views/layout/left.ftl b/maxkey-web-manage/src/main/resources/templates/views/layout/left.ftl
deleted file mode 100644
index 139597f9..00000000
--- a/maxkey-web-manage/src/main/resources/templates/views/layout/left.ftl
+++ /dev/null
@@ -1,2 +0,0 @@
-
-
diff --git a/maxkey-web-manage/src/main/resources/templates/views/layout/nav_primary.ftl b/maxkey-web-manage/src/main/resources/templates/views/layout/nav_primary.ftl
deleted file mode 100644
index 7f38f270..00000000
--- a/maxkey-web-manage/src/main/resources/templates/views/layout/nav_primary.ftl
+++ /dev/null
@@ -1,84 +0,0 @@
-<div id="nav_primary" >
-<div id="nav_primary"  class="menuprimary">
-	<ul >
-		<li  id="nav_primay_11"  class="nav_primay_level primaryleft"  xpath="">
-			<a   href="<@base/>/appList">我的应用</a>
-		</li>
-		<li  id="nav_primay_12"  class="nav_primay_level primaryleft"  xpath="">
-			<a   href="<@base/>/socialsignon/list">认证关联</a>
-		</li>
-		<li  id="nav_primay_13"  class="nav_primay_level primaryleft"  xpath="">
-			<a   href="<@base/>/safe/forward/setting">安全设置</a>
-			<div id="nav_child_1301"  class="nav_second_child">
-				<ul>
-					<li id="nav_second_1301" class="nav_second_level">
-						<a   href="<@base/>/safe/forward/setting">安全设置</a>
-					</li>
-				</ul>
-				<ul>
-					<li id="nav_second_1302" class="nav_second_level">
-						<a   href="<@base/>/safe/forward/changePasswod">密码修改</a>
-					</li>
-				</ul>
-				<ul>
-					<li id="nav_second_1303" class="nav_second_level">
-						<a   href="<@base/>/safe/forward/changeAppLoginPasswod">应用登录密码</a>
-					</li>
-				</ul>
-				<ul>
-					<li id="nav_second_1304" class="nav_second_level">
-						<a   href="<@base/>/appConfigList">应用配置</a>
-					</li>
-				</ul>
-				<ul>
-					<li id="nav_second_1305" class="nav_second_level">
-						<a   href="<@base/>/safe/otp/timebased">时间令牌</a>
-					</li>
-				</ul>
-			</div>
-		</li>
-		
-		<li  id="nav_primay_14"  class="nav_primay_level primaryleft"  xpath="">
-			<a  href="<@base/>/profile/myProfile">我的资料</a>
-		</li>
-		<li  id="nav_primay_15"  class="nav_primay_level primaryleft"  xpath="">
-			<a   href="<@base/>/logs/loginHistoryList">日志审计</a>
-			<div id="nav_child_1501"  class="nav_second_child">
-				<ul>
-					<li id="nav_second_1501" class="nav_second_level">
-						<a   href="<@base/>/logs/loginHistoryList">登录日志</a>
-					</li>
-				</ul>
-				<ul>
-					<li id="nav_second_1502" class="nav_second_level">
-						<a   href="<@base/>/logs/loginAppHistoryList">访问日志</a>
-					</li>
-				</ul>
-				<ul>
-					<li id="nav_second_1503" class="nav_second_level">
-						<a   href="<@base/>/logs/list">操作日志</a>
-					</li>
-				</ul>
-			</div>
-		</li>
-	</ul>
-</div>
-</div>
-<div id="nav_second"  style="clear: left"><div class='menusecond'></div><br style='clear: left' /></div>
-<script>
-	$(function(){
-		function displaySecondNavs(menuId){
-			if($("#"+menuId+" .nav_second_child").html()){
-				$("#nav_second").html("<div class='menusecond'>"+$("#"+menuId+" .nav_second_child").html()+"</div><br style='clear: left' />");
-			}else{
-				$("#nav_second").html("");
-			}
-		}
-		
-		displaySecondNavs('${Request["mnid"]!"nav_primay_15"}');
-		$(".menuprimary ul li").mouseover(function(){
-			displaySecondNavs(this.id);
-		});
-		
-	});
-</script>
\ No newline at end of file
diff --git a/maxkey-web-manage/src/main/resources/templates/views/layout/nav_second.ftl b/maxkey-web-manage/src/main/resources/templates/views/layout/nav_second.ftl
deleted file mode 100644
index cbdae528..00000000
--- a/maxkey-web-manage/src/main/resources/templates/views/layout/nav_second.ftl
+++ /dev/null
@@ -1 +0,0 @@
-<div class='menusecond'></div><br style='clear: left' />
diff --git a/maxkey-web-manage/src/main/resources/templates/views/layout/nav_third.ftl b/maxkey-web-manage/src/main/resources/templates/views/layout/nav_third.ftl
deleted file mode 100644
index e69de29b..00000000
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
index 27a1089f..5dbea8d1 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
@@ -2,11 +2,15 @@ package org.maxkey;
 
 import org.maxkey.authz.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.server.ConfigurableWebServerFactory;
+import org.springframework.boot.web.server.ErrorPage;
+import org.springframework.boot.web.server.WebServerFactoryCustomizer;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.ImportResource;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.http.HttpStatus;
 
 @Configuration
 @ImportResource(locations={"classpath:spring/maxkey.xml"})
@@ -32,4 +36,24 @@ public class MaxKeyConfig {
         registration.setOrder(1);
         return registration;
     }
+	 
+	  /**
+	     * 配置默认错误页面（仅用于内嵌tomcat启动时）
+	     * 使用这种方式，在打包为war后不起作用
+	     *
+	     * @return
+	     */  
+	@Bean
+	public WebServerFactoryCustomizer<ConfigurableWebServerFactory> webServerFactoryCustomizer() {
+		return new WebServerFactoryCustomizer<ConfigurableWebServerFactory>() {
+            @Override
+            public void customize(ConfigurableWebServerFactory factory) {
+            	 ErrorPage errorPage400 = new ErrorPage(HttpStatus.BAD_REQUEST,"/error-400");
+                 ErrorPage errorPage404 = new ErrorPage(HttpStatus.NOT_FOUND,"/error-404");
+                 ErrorPage errorPage500 = new ErrorPage(HttpStatus.INTERNAL_SERVER_ERROR,"/error-500");
+                 factory.addErrorPages(errorPage400, errorPage404,errorPage500);
+
+            }
+        };
+	}
 }
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java
index e8377da8..bc40e2ce 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java
@@ -12,7 +12,7 @@ import org.maxkey.dao.service.UserInfoService;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.util.RQCodeUtils;
 import org.maxkey.web.WebContext;
-import org.maxkey.web.endpoint.ImageEndpoint;
+import org.maxkey.web.ImageEndpoint;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -36,34 +36,25 @@ public class OneTimePasswordController {
 	private UserInfoService userInfoService;
 	
 	@Autowired
-	@Qualifier("timeBasedKeyUriFormat")
-	KeyUriFormat timeBasedKeyUriFormat;
-	
-	@Autowired
-	@Qualifier("counterBasedKeyUriFormat")
-	KeyUriFormat counterBasedKeyUriFormat;
-	
-	@Autowired
-	@Qualifier("hotpKeyUriFormat")
-	KeyUriFormat hotpKeyUriFormat;
+	@Qualifier("keyUriFormat")
+	KeyUriFormat keyUriFormat;
 
 	@Autowired
 	@Qualifier("passwordReciprocal")
 	PasswordReciprocal passwordReciprocal;
 	
-
 	@RequestMapping(value={"/timebased"})
 	public ModelAndView timebased(){
 		ModelAndView modelAndView=new ModelAndView("safe/timeBased");
 		UserInfo userInfo=WebContext.getUserInfo();
 		String sharedSecret=passwordReciprocal.decoder(userInfo.getSharedSecret());
-		timeBasedKeyUriFormat.setSecret(sharedSecret);
-		String otpauth=timeBasedKeyUriFormat.format(userInfo.getUsername());
+		keyUriFormat.setSecret(sharedSecret);
+		String otpauth=keyUriFormat.format(userInfo.getUsername());
 		byte[] byteSharedSecret=Base32Utils.decode(sharedSecret);
 		String hexSharedSecret=Hex.encodeHexString(byteSharedSecret);
 		modelAndView.addObject("id", genRQCode(otpauth));
 		modelAndView.addObject("userInfo", userInfo);
-		modelAndView.addObject("format", timeBasedKeyUriFormat);
+		modelAndView.addObject("format", keyUriFormat);
 		modelAndView.addObject("sharedSecret", sharedSecret);
 		modelAndView.addObject("hexSharedSecret", hexSharedSecret);
 		return modelAndView;
@@ -72,7 +63,7 @@ public class OneTimePasswordController {
 	@RequestMapping(value={"gen/timebased"})
 	public ModelAndView gentimebased(){
 		UserInfo userInfo=WebContext.getUserInfo();
-		byte[] byteSharedSecret=OTPSecret.generate(timeBasedKeyUriFormat.getCrypto());
+		byte[] byteSharedSecret=OTPSecret.generate(keyUriFormat.getCrypto());
 		String sharedSecret=Base32Utils.encode(byteSharedSecret);
 		sharedSecret=passwordReciprocal.encode(sharedSecret);
 		userInfo.setSharedSecret(sharedSecret);
@@ -87,15 +78,15 @@ public class OneTimePasswordController {
 		ModelAndView modelAndView=new ModelAndView("safe/counterBased");
 		UserInfo userInfo=WebContext.getUserInfo();
 		String sharedSecret=passwordReciprocal.decoder(userInfo.getSharedSecret());
-		counterBasedKeyUriFormat.setSecret(sharedSecret);
-		counterBasedKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
-		String otpauth=counterBasedKeyUriFormat.format(userInfo.getUsername());
+		keyUriFormat.setSecret(sharedSecret);
+		keyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
+		String otpauth=keyUriFormat.format(userInfo.getUsername());
 	
 		byte[] byteSharedSecret=Base32Utils.decode(sharedSecret);
 		String hexSharedSecret=Hex.encodeHexString(byteSharedSecret);
 		modelAndView.addObject("id", genRQCode(otpauth));
 		modelAndView.addObject("userInfo", userInfo);
-		modelAndView.addObject("format", counterBasedKeyUriFormat);
+		modelAndView.addObject("format", keyUriFormat);
 		modelAndView.addObject("sharedSecret", sharedSecret);
 		modelAndView.addObject("hexSharedSecret", hexSharedSecret);
 		return modelAndView;
@@ -105,7 +96,7 @@ public class OneTimePasswordController {
 	@RequestMapping(value={"gen/counterbased"})
 	public ModelAndView gencounterbased(){
 		UserInfo userInfo=WebContext.getUserInfo();
-		byte[] byteSharedSecret=OTPSecret.generate(counterBasedKeyUriFormat.getCrypto());
+		byte[] byteSharedSecret=OTPSecret.generate(keyUriFormat.getCrypto());
 		String sharedSecret=Base32Utils.encode(byteSharedSecret);
 		sharedSecret=passwordReciprocal.encode(sharedSecret);
 		userInfo.setSharedSecret(sharedSecret);
@@ -120,14 +111,14 @@ public class OneTimePasswordController {
 		ModelAndView modelAndView=new ModelAndView("safe/hotp");
 		UserInfo userInfo=WebContext.getUserInfo();
 		String sharedSecret=passwordReciprocal.decoder(userInfo.getSharedSecret());
-		hotpKeyUriFormat.setSecret(sharedSecret);
-		hotpKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
-		String otpauth=hotpKeyUriFormat.format(userInfo.getUsername());
+		keyUriFormat.setSecret(sharedSecret);
+		keyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
+		String otpauth=keyUriFormat.format(userInfo.getUsername());
 		byte[] byteSharedSecret=Base32Utils.decode(sharedSecret);
 		String hexSharedSecret=Hex.encodeHexString(byteSharedSecret);
 		modelAndView.addObject("id", genRQCode(otpauth));
 		modelAndView.addObject("userInfo", userInfo);
-		modelAndView.addObject("format", hotpKeyUriFormat);
+		modelAndView.addObject("format", keyUriFormat);
 		modelAndView.addObject("sharedSecret", sharedSecret);
 		modelAndView.addObject("hexSharedSecret", hexSharedSecret);
 		return modelAndView;
@@ -137,7 +128,7 @@ public class OneTimePasswordController {
 	@RequestMapping(value={"gen/hotp"})
 	public ModelAndView genhotp(){
 		UserInfo userInfo=WebContext.getUserInfo();
-		byte[] byteSharedSecret=OTPSecret.generate(hotpKeyUriFormat.getCrypto());
+		byte[] byteSharedSecret=OTPSecret.generate(keyUriFormat.getCrypto());
 		String sharedSecret=Base32Utils.encode(byteSharedSecret);
 		sharedSecret=passwordReciprocal.encode(sharedSecret);
 		userInfo.setSharedSecret(sharedSecret);
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
deleted file mode 100644
index 02028e81..00000000
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
+++ /dev/null
@@ -1,138 +0,0 @@
-package org.maxkey.web.endpoint;
-
-import java.awt.image.BufferedImage;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.imageio.ImageIO;
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.maxkey.web.WebConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestMapping;
-
-import com.google.code.kaptcha.Producer;
-
-/**
- * @author Crystal.Sea
- *
- */
-@Controller
-public class ImageEndpoint {
-	private static final Logger _logger = LoggerFactory.getLogger(ImageEndpoint.class);
-	
-	@Autowired
- 	private Producer captchaProducer;
-
-	/**
-	 * captcha image Producer
-	 * @param request
-	 * @param response
-	 */
- 	@RequestMapping(value = "/captcha")
-    public void captchaHandleRequest(HttpServletRequest request,HttpServletResponse response){
- 		try{
- 			// Set to expire far in the past.
-            response.setDateHeader("Expires", 0);
-            // Set standard HTTP/1.1 no-cache headers.
-            response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
-            // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
-            response.addHeader("Cache-Control", "post-check=0, pre-check=0");
-            // Set standard HTTP/1.0 no-cache header.
-            response.setHeader("Pragma", "no-cache");
-            // return a jpeg
-            response.setContentType("image/jpeg");
-            // create the text for the image
-            String capText = captchaProducer.createText();
-            _logger.debug("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
-            // store the text in the session
-            request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
-            // create the image with the text
-            BufferedImage bi = captchaProducer.createImage(capText);
-            ServletOutputStream out = response.getOutputStream();
-            // write the data out
-            ImageIO.write(bi, "jpg", out);
-    
-            out.flush();
-            out.close();
-		}catch(Exception e) {
-			_logger.error("captcha Producer Error " + e.getMessage());
-        }
-    }
- 	
-	/**
-	 * image Producer
-	 * @param request
-	 * @param response
-	 * @return
-	 * @throws Exception
-	 */
-
-	@RequestMapping("/image/{id}")
-    public void imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
-            // Set to expire far in the past.
-            response.setDateHeader("Expires", 0);
-            // Set standard HTTP/1.1 no-cache headers.
-            response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
-            // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
-            response.addHeader("Cache-Control", "post-check=0, pre-check=0");
-            // Set standard HTTP/1.0 no-cache header.
-            response.setHeader("Pragma", "no-cache");
-            // return a jpeg/gif
-            response.setContentType("image/gif");
-            // create the text for the image
-            byte[]image=(byte[]) request.getSession().getAttribute(id);
-            //request.getSession().removeAttribute(id);
-            // create the image with the text
-            if(image!=null){
-	            ServletOutputStream out = response.getOutputStream();
-	            // write the data out
-	            ImageIO.write(byte2BufferedImage(image), "gif", out);
-	            try{
-                    out.flush();
-	            }finally{
-	                    out.close();
-	            }
-            }
-    }
-	
-	public static BufferedImage byte2BufferedImage(byte[]imageByte){
-        try {
-        	 InputStream in = new ByteArrayInputStream(imageByte);
-        	 BufferedImage bufferedImage = ImageIO.read(in);
-        	 return bufferedImage;
-		} catch (IOException e) {
-			e.printStackTrace();
-		}
-         return null;
-	}
-	
-	public static byte[] bufferedImage2Byte(BufferedImage  bufferedImage  ){
-        try {
-        	ByteArrayOutputStream byteArrayOutputStream=new ByteArrayOutputStream();
-        	ImageIO.write(bufferedImage,"gif",byteArrayOutputStream);
-        	return byteArrayOutputStream.toByteArray();
-		} catch (IOException e) {
-			e.printStackTrace();
-		}
-         return null;
-	}
-
-	public Producer getCaptchaProducer() {
-		return captchaProducer;
-	}
-
-	public void setCaptchaProducer(Producer captchaProducer) {
-		this.captchaProducer = captchaProducer;
-	}
-	
-	
-}
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
index f61539c7..934c3256 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
@@ -36,9 +36,10 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
 	 */
 	@Override
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
-		 _logger.debug("PermissionAdapter preHandle");
+		 _logger.trace("PermissionAdapter preHandle");
 			//判断用户是否登录
 			if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色，判断用户是否登录用户
+				_logger.trace("No Authentication ... forward to /login");
 				RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
 				dispatcher.forward(request, response);
 				return false;
diff --git a/maxkey-web-maxkey/src/main/resources/application.properties b/maxkey-web-maxkey/src/main/resources/application.properties
index dda4f0bb..f6d2b698 100644
--- a/maxkey-web-maxkey/src/main/resources/application.properties
+++ b/maxkey-web-maxkey/src/main/resources/application.properties
@@ -5,6 +5,9 @@ server.port=80
 #web app context path
 server.servlet.context-path=/maxkey
 
+application.name=MaxKey
+application.formatted-version=v1.1 GA
+
 #for freemarker
 spring.freemarker.template-loader-path=classpath:/templates/views
 spring.freemarker.cache=false
diff --git a/maxkey-web-maxkey/src/main/resources/banner.txt b/maxkey-web-maxkey/src/main/resources/banner.txt
new file mode 100644
index 00000000..34211c3a
--- /dev/null
+++ b/maxkey-web-maxkey/src/main/resources/banner.txt
@@ -0,0 +1,7 @@
+   __  ___           __ __        
+  /  |/  /__ ___ __ / //_/__ __ __
+ / /|_/ / _ `/\ \ // ,< / -_) // /
+/_/  /_/\_,_//_\_\/_/|_|\__/\_, / 
+                           /___/  
+                              ${application.formatted-version} 
+ :: Spring Boot ::          ${spring-boot.formatted-version}
\ No newline at end of file
diff --git a/maxkey-web-maxkey/src/main/resources/log4j2.xml b/maxkey-web-maxkey/src/main/resources/log4j2.xml
index 994aeeb7..f0638b91 100644
--- a/maxkey-web-maxkey/src/main/resources/log4j2.xml
+++ b/maxkey-web-maxkey/src/main/resources/log4j2.xml
@@ -1,5 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>  
-<configuration status="INFO"  monitorInterval="300">  
+<!--DOCTYPE log4j:configuration SYSTEM "log4j.dtd" -->
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"
+	 status="INFO"  monitorInterval="300"
+>  
     <appenders>  
     	
         <Console name="consolePrint" target="SYSTEM_OUT">  
@@ -31,4 +34,4 @@
             <appender-ref ref="RollingFile" /> 
         </root>  
     </loggers>  
-</configuration>
\ No newline at end of file
+</log4j:configuration>
\ No newline at end of file
diff --git a/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml b/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
index 4719f262..9152c50c 100644
--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
@@ -25,15 +25,14 @@
 	<mvc:interceptors>
 		<!-- web Controller InterceptorAdapter for platform permission  -->
 		<mvc:interceptor>
-			<!-- for index -->
-			<mvc:mapping path="/index/*" />
-			<!-- for System -->
-			<mvc:mapping path="/logs/*" />
-			<mvc:mapping path="/userinfo/*" />
-			<mvc:mapping path="/relyingparty/*" />
-			<mvc:mapping path="/sysconfig/*" />
-			<mvc:mapping path="/users/*" />
-			<mvc:mapping path="/employees/*" />
+			<!-- for permission -->
+			<mvc:mapping path="/index*/**" />
+			<mvc:mapping path="/logs*/**" />
+			<mvc:mapping path="/userinfo*/**" />
+			<mvc:mapping path="/profile*/**" />
+			<mvc:mapping path="/safe*/**" />
+			<mvc:mapping path="/historys*/**" />
+			<mvc:mapping path="/appList*/**" />
 			<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
 		</mvc:interceptor>	
 		<!-- web Controller InterceptorAdapter for platform log  -->
@@ -77,32 +76,15 @@
 		<property name="validity" value="${config.login.remeberme.validity}"/>
 	</bean>
 	
-	<bean id="timeBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
+	<bean id="keyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
 		<property name="type" value="totp" />
 		<property name="digits" value="6" />
-		<property name="issuer" value="ConnSec" />
-		<property name="domain" value="connsec.com" />
+		<property name="issuer" value="MaxKey" />
+		<property name="domain" value="MaxKey.org" />
 		<property name="period" value="30" />
 		
 	</bean>
 	
-	<bean id="counterBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
-		<property name="type" value="hotp" />
-		<property name="digits" value="6" />
-		<property name="issuer" value="maxkey" />
-		<property name="domain" value="maxkey.org" />
-		<property name="counter" value="0" />
-	</bean>
-	
-	<bean id="hotpKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
-		<property name="type" value="hotp" />
-		<property name="digits" value="6" />
-		<property name="issuer" value="maxkey" />
-		<property name="domain" value="maxkey.org" />
-		<property name="counter" value="0" />
-	</bean>
-	
-	
 	<bean id="tfaOTPAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOTPAuthn">
 		<constructor-arg ref="jdbcTemplate" /> 
 	</bean>
@@ -150,40 +132,8 @@
         </property>
 	</bean>
 	
-    
-	<!-- Follow is config for Spring security -->
-	<!--<csrf disabled="true"/>-->
-	<!-- Login  
-	<http use-expressions="false"  disable-url-rewriting="false" xmlns="http://www.springframework.org/schema/security" >
-		
-		<headers>
-			<frame-options policy="SAMEORIGIN" />
-		</headers> 
-		<access-denied-handler error-page="/login"/>
-		<intercept-url pattern="/index" access="ROLE_USER" />
-		<intercept-url pattern="/forwardindex" access="ROLE_USER" />
-   		<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER" />
-		<form-login authentication-failure-url="/login" 
-					default-target-url="/forwardindex" 
-					login-page="/login" 
-					login-processing-url="/logon.do"
-					username-parameter="j_username"
-					password-parameter="j_password"
-					authentication-success-handler-ref="savedRequestSuccessHandler"/>
-					
-		<logout  logout-url="/logout.do"  logout-success-url="/logout" invalidate-session="true" delete-cookies="JSESSIONID"  />
-		
-		<session-management invalid-session-url="/login" />
-		
-		<anonymous />
-	</http>
-	-->	
-
    	<bean id="savedRequestSuccessHandler" class="org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler"> </bean>
-	
-	<!-- spring authentication provider 
-	<authentication-manager alias="authenticationProvider"  xmlns="http://www.springframework.org/schema/security"/>
--->
+
 	<!-- LDAP Realm 
 	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
 		<constructor-arg ref="jdbcTemplate"/>
@@ -246,11 +196,7 @@
 	<!-- Authentication providers -->
     <bean id="authenticationProvider" class="org.maxkey.authn.RealmAuthenticationProvider" >
     </bean>
-    <!--
-	<authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
-		<authentication-provider ref= "realmAuthenticationProvider"/>  
-	</authentication-manager>
-    -->
+   
 	<mvc:annotation-driven />
 
 	<mvc:default-servlet-handler />
diff --git a/maxkey-web-maxkey/src/main/resources/templates/views/layout/left.ftl b/maxkey-web-maxkey/src/main/resources/templates/views/layout/left.ftl
deleted file mode 100644
index 139597f9..00000000
--- a/maxkey-web-maxkey/src/main/resources/templates/views/layout/left.ftl
+++ /dev/null
@@ -1,2 +0,0 @@
-
-
diff --git a/maxkey-web-maxkey/src/main/resources/templates/views/layout/nav_third.ftl b/maxkey-web-maxkey/src/main/resources/templates/views/layout/nav_third.ftl
deleted file mode 100644
index e69de29b..00000000