diff --git a/others/oauth_test.txt b/others/oauth_test.txt
index 8e9b1ce..fccbde2 100644
--- a/others/oauth_test.txt
+++ b/others/oauth_test.txt
@@ -38,11 +38,12 @@ http://localhost:8080/spring-oauth-server/oauth/token?client_id=mobile-client&cl
 
 
 Restful OAuth2 Test [POST]
-URL: /oauth2/rest_token
+URL: /oauth/rest_token
 ContentType: application/json
 
 DEMO URL: http://localhost:8080/spring-oauth-server/oauth2/rest_token
-Request Body: {"grant_type":"client_credentials","scope":"read","client_id":"credentials","client_secret":"credentials","username":"user","password":"123"}
+Request Body:
+{"grant_type":"client_credentials","scope":"read","client_id":"credentials","client_secret":"credentials","username":"user","password":"123"}
 
 Response Body:
 {
@@ -56,7 +57,7 @@ Response Body:
 
 
 更多的测试请访问
-http://git.oschina.net/mkk/spring-oauth-client
+https://gitee.com/mkk/spring-oauth-client
 
 
 ------------------------------------------------------------------------------------------------
diff --git a/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java b/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
index 2992628..3464966 100644
--- a/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
+++ b/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
@@ -47,12 +47,12 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.csrf().ignoringAntMatchers("/oauth/authorize", "/oauth/token");
+        http.csrf().ignoringAntMatchers("/oauth/authorize", "/oauth/token", "/oauth/rest_token");
 
         http.authorizeRequests()
                 .antMatchers("/public/**").permitAll()
                 .antMatchers("/static/**").permitAll()
-                .antMatchers("/oauth2/rest_token*").permitAll()
+                .antMatchers("/oauth/rest_token*").permitAll()
                 .antMatchers("/login*").permitAll()
 
                 .antMatchers("/user/**").hasAnyRole("ADMIN")
diff --git a/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java b/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java
index 99bbd3c..81dd2f1 100644
--- a/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java
+++ b/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java
@@ -76,7 +76,7 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
     private WebResponseExceptionTranslator providerExceptionHandler = new DefaultWebResponseExceptionTranslator();
 
 
-    @RequestMapping(value = "/oauth2/rest_token", method = RequestMethod.POST)
+    @RequestMapping(value = "/oauth/rest_token", method = RequestMethod.POST)
     @ResponseBody
     public OAuth2AccessToken postAccessToken(@RequestBody Map<String, String> parameters) {