diff --git a/db/增量SQL/sas升级脚本.sql b/db/增量SQL/sas升级脚本.sql
index d0e29525..6417a915 100644
--- a/db/增量SQL/sas升级脚本.sql
+++ b/db/增量SQL/sas升级脚本.sql
@@ -37,7 +37,7 @@ now(),
 null,
 '3eacac0e-0de9-4727-9a64-6bdd4be2ee1f',
 'client_secret_basic',
-'refresh_token,authorization_code,password',
+'refresh_token,authorization_code,password,app,phone,social',
 'http://127.0.0.1:8080/jeecg-',
 'http://127.0.0.1:8080/',
 '*',
diff --git a/jeecg-boot-base-core/pom.xml b/jeecg-boot-base-core/pom.xml
index 018a026c..738728d0 100644
--- a/jeecg-boot-base-core/pom.xml
+++ b/jeecg-boot-base-core/pom.xml
@@ -173,63 +173,6 @@
 			<version>${java-jwt.version}</version>
 		</dependency>
 
-		<!--shiro-->
-		<dependency>
-			<groupId>org.apache.shiro</groupId>
-			<artifactId>shiro-spring-boot-starter</artifactId>
-			<version>${shiro.version}</version>
-			<exclusions>
-				<exclusion>
-					<groupId>org.apache.shiro</groupId>
-					<artifactId>shiro-spring</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
-		<!-- shiro-redis -->
-		<dependency>
-			<groupId>org.crazycake</groupId>
-			<artifactId>shiro-redis</artifactId>
-			<version>${shiro-redis.version}</version>
-			<exclusions>
-				<exclusion>
-					<groupId>org.apache.shiro</groupId>
-					<artifactId>shiro-core</artifactId>
-				</exclusion>
-				<exclusion>
-					<artifactId>checkstyle</artifactId>
-					<groupId>com.puppycrawl.tools</groupId>
-				</exclusion>
-				<!-- TODO shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理 -->
-				<exclusion>
-					<artifactId>jedis</artifactId>
-					<groupId>redis.clients</groupId>
-				</exclusion>
-			</exclusions>
-		</dependency>
-		<!-- TODO shiro 无法使用 spring boot 3.X 自带的jedis，降版本处理 -->
-		<dependency>
-			<groupId>redis.clients</groupId>
-			<artifactId>jedis</artifactId>
-			<version>2.9.0</version>
-		</dependency>
-
-		<dependency>
-			<groupId>org.apache.shiro</groupId>
-			<artifactId>shiro-spring</artifactId>
-			<classifier>jakarta</classifier>
-			<version>${shiro.version}</version>
-			<!-- 排除仍使用了javax.servlet的依赖 -->
-			<exclusions>
-				<exclusion>
-					<groupId>org.apache.shiro</groupId>
-					<artifactId>shiro-core</artifactId>
-				</exclusion>
-				<exclusion>
-					<groupId>org.apache.shiro</groupId>
-					<artifactId>shiro-web</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
 
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
@@ -244,25 +187,6 @@
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-cas</artifactId>
 		</dependency>
-		<!-- 引入适配jakarta的依赖包 -->
-		<dependency>
-			<groupId>org.apache.shiro</groupId>
-			<artifactId>shiro-core</artifactId>
-			<classifier>jakarta</classifier>
-			<version>${shiro.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.shiro</groupId>
-			<artifactId>shiro-web</artifactId>
-			<classifier>jakarta</classifier>
-			<version>${shiro.version}</version>
-			<exclusions>
-				<exclusion>
-					<groupId>org.apache.shiro</groupId>
-					<artifactId>shiro-core</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
 
 		<!-- knife4j -->
 		<dependency>
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
index f69b8d04..67f96fec 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java
@@ -2,8 +2,6 @@ package org.jeecg.common.exception;
 
 import cn.hutool.core.util.ObjectUtil;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.authz.AuthorizationException;
-import org.apache.shiro.authz.UnauthorizedException;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.enums.SentinelErrorInfoEnum;
 import org.springframework.dao.DataIntegrityViolationException;
@@ -87,12 +85,6 @@ public class JeecgBootExceptionHandler {
 		return Result.error("数据库中已存在该记录");
 	}
 
-	@ExceptionHandler({UnauthorizedException.class, AuthorizationException.class})
-	public Result<?> handleAuthorizationException(AuthorizationException e){
-		log.error(e.getMessage(), e);
-		return Result.noauth("没有权限，请联系管理员授权");
-	}
-
 	@ExceptionHandler(AccessDeniedException.class)
 	public Result<?> handleAuthorizationException(AccessDeniedException e){
 		log.error(e.getMessage(), e);
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java
index 4f703754..b143c4ac 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java
@@ -7,7 +7,6 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.IService;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.beanutils.PropertyUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
index 670f3ebd..e75092cc 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java
@@ -1,10 +1,9 @@
 package org.jeecg.common.util.encryption;
 
-import org.apache.shiro.codec.Base64;
-
 import javax.crypto.Cipher;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
+import java.util.Base64;
 
 /**
  * @Description: AES 加密
@@ -49,7 +48,7 @@ public class AesEncryptUtil {
             cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
             byte[] encrypted = cipher.doFinal(plaintext);
 
-            return Base64.encodeToString(encrypted);
+            return Base64.getEncoder().encodeToString(encrypted);
 
         } catch (Exception e) {
             e.printStackTrace();
@@ -67,7 +66,7 @@ public class AesEncryptUtil {
      */
     public static String desEncrypt(String data, String key, String iv) throws Exception {
         //update-begin-author:taoyan date:2022-5-23 for:VUEN-1084 【vue3】online表单测试发现的新问题 6、解密报错 ---解码失败应该把异常抛出去，在外面处理
-        byte[] encrypted1 = Base64.decode(data);
+        byte[] encrypted1 = Base64.getDecoder().decode(data);
 
         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
index 4597d216..a6cb28e5 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
@@ -32,10 +32,6 @@ public class JeecgBaseConfig {
      */
     private Firewall firewall;
     
-    /**
-     * shiro拦截排除
-     */
-    private Shiro shiro;
     /**
      * 上传文件配置
      */
@@ -88,14 +84,6 @@ public class JeecgBaseConfig {
         this.signatureSecret = signatureSecret;
     }
 
-    public Shiro getShiro() {
-        return shiro;
-    }
-
-    public void setShiro(Shiro shiro) {
-        this.shiro = shiro;
-    }
-
     public Path getPath() {
         return path;
     }
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java
index 071d1406..404e24e4 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java
@@ -2,7 +2,6 @@ package org.jeecg.config.firewall.interceptor;
 
 import com.alibaba.fastjson.JSON;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.CommonAPI;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
@@ -11,6 +10,7 @@ import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.CommonUtils;
 import org.jeecg.common.util.SpringContextUtils;
 import org.jeecg.config.JeecgBaseConfig;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.servlet.HandlerInterceptor;
 
@@ -63,7 +63,7 @@ public class LowCodeModeInterceptor implements HandlerInterceptor {
         if (jeecgBaseConfig.getFirewall()!=null && LowCodeModeInterceptor.LOW_CODE_MODE_PROD.equals(jeecgBaseConfig.getFirewall().getLowCodeMode())) {
             String requestURI = request.getRequestURI().substring(request.getContextPath().length());
             log.info("低代码模式，拦截请求路径：" + requestURI);
-            LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+            LoginUser loginUser = SecureUtil.currentUser();
             Set<String> hasRoles = null;
             if (loginUser == null) {
                 loginUser = commonAPI.getUserByName(JwtUtil.getUserNameByToken(SpringContextUtils.getHttpServletRequest()));
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java
index 90cca20b..825d0f25 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java
@@ -6,11 +6,11 @@ import org.apache.ibatis.executor.Executor;
 import org.apache.ibatis.mapping.MappedStatement;
 import org.apache.ibatis.mapping.SqlCommandType;
 import org.apache.ibatis.plugin.*;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.TenantConstant;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.springframework.stereotype.Component;
 
 import java.lang.reflect.Field;
@@ -173,7 +173,7 @@ public class MybatisInterceptor implements Interceptor {
 	private LoginUser getLoginUser() {
 		LoginUser sysUser = null;
 		try {
-			sysUser = SecurityUtils.getSubject().getPrincipal() != null ? (LoginUser) SecurityUtils.getSubject().getPrincipal() : null;
+			sysUser = SecureUtil.currentUser() != null ? SecureUtil.currentUser() : null;
 		} catch (Exception e) {
 			//e.printStackTrace();
 			sysUser = null;
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/LoginType.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/LoginType.java
index 06e59a8a..c5ee9620 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/LoginType.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/LoginType.java
@@ -28,4 +28,9 @@ public class LoginType {
      * 扫码登录
      */
     public static final String SCAN = "scan";
+
+    /**
+     * 所有联合登录，比如github\钉钉\企业微信\微信
+     */
+    public static final String SOCIAL = "social";
 }
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
index 809cca92..7f22a93e 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
@@ -6,8 +6,14 @@ import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
 import com.nimbusds.jose.jwk.source.JWKSource;
 import com.nimbusds.jose.proc.SecurityContext;
 import lombok.AllArgsConstructor;
+import org.jeecg.config.security.app.AppGrantAuthenticationConvert;
+import org.jeecg.config.security.app.AppGrantAuthenticationProvider;
 import org.jeecg.config.security.password.PasswordGrantAuthenticationConvert;
 import org.jeecg.config.security.password.PasswordGrantAuthenticationProvider;
+import org.jeecg.config.security.phone.PhoneGrantAuthenticationConvert;
+import org.jeecg.config.security.phone.PhoneGrantAuthenticationProvider;
+import org.jeecg.config.security.social.SocialGrantAuthenticationConvert;
+import org.jeecg.config.security.social.SocialGrantAuthenticationProvider;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
@@ -17,6 +23,7 @@ import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
@@ -47,7 +54,7 @@ import java.util.UUID;
  */
 @Configuration
 @EnableWebSecurity
-@EnableMethodSecurity(jsr250Enabled = true, securedEnabled = true)
+@EnableMethodSecurity
 @AllArgsConstructor
 public class SecurityConfig {
 
@@ -62,6 +69,12 @@ public class SecurityConfig {
         http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
                 .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new PasswordGrantAuthenticationConvert())
                         .authenticationProvider(new PasswordGrantAuthenticationProvider(authorizationService, tokenGenerator())))
+                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new PhoneGrantAuthenticationConvert())
+                        .authenticationProvider(new PhoneGrantAuthenticationProvider(authorizationService, tokenGenerator())))
+                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new AppGrantAuthenticationConvert())
+                        .authenticationProvider(new AppGrantAuthenticationProvider(authorizationService, tokenGenerator())))
+                .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new SocialGrantAuthenticationConvert())
+                        .authenticationProvider(new SocialGrantAuthenticationProvider(authorizationService, tokenGenerator())))
                 //开启OpenID Connect 1.0（其中oidc为OpenID Connect的缩写）。 访问 /.well-known/openid-configuration即可获取认证信息
                 .oidc(Customizer.withDefaults());	// Enable OpenID Connect 1.0
         http
@@ -153,6 +166,7 @@ public class SecurityConfig {
                             config.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
                             return config;
                         }))
+                .csrf(AbstractHttpConfigurer::disable)
                 .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));
         return http.build();
     }
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
index 29ef8b12..2d403401 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
@@ -68,11 +68,11 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider {
 
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        PasswordGrantAuthenticationToken passwordGrantAuthenticationToken =  (PasswordGrantAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = passwordGrantAuthenticationToken.getAdditionalParameters();
+        AppGrantAuthenticationToken appGrantAuthenticationToken =  (AppGrantAuthenticationToken) authentication;
+        Map<String, Object> additionalParameter = appGrantAuthenticationToken.getAdditionalParameters();
 
         // 授权类型
-        AuthorizationGrantType authorizationGrantType = passwordGrantAuthenticationToken.getGrantType();
+        AuthorizationGrantType authorizationGrantType = appGrantAuthenticationToken.getGrantType();
         // 用户名
         String username = (String) additionalParameter.get(OAuth2ParameterNames.USERNAME);
         // 密码
@@ -105,7 +105,7 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider {
             throw new JeecgCaptchaException(HttpStatus.PRECONDITION_FAILED.value(), "验证码错误");
         }
 
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(passwordGrantAuthenticationToken);
+        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(appGrantAuthenticationToken);
         RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
         if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
@@ -132,7 +132,7 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider {
                 .authorizationServerContext(AuthorizationServerContextHolder.getContext())
                 .authorizationGrantType(authorizationGrantType)
                 .authorizedScopes(requestScopeSet)
-                .authorizationGrant(passwordGrantAuthenticationToken);
+                .authorizationGrant(appGrantAuthenticationToken);
 
         OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
                 .principalName(clientPrincipal.getName())
@@ -212,7 +212,7 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider {
 
     @Override
     public boolean supports(Class<?> authentication) {
-        return PasswordGrantAuthenticationToken.class.isAssignableFrom(authentication);
+        return AppGrantAuthenticationToken.class.isAssignableFrom(authentication);
     }
 
     private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationConvert.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationConvert.java
index 85f4b14f..66d92927 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationConvert.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationConvert.java
@@ -36,8 +36,7 @@ public class PhoneGrantAuthenticationConvert implements AuthenticationConverter
 
         // 验证码
         String captcha = parameters.getFirst("captcha");
-        if (!StringUtils.hasText(captcha) ||
-                parameters.get(OAuth2ParameterNames.USERNAME).size() != 1) {
+        if (!StringUtils.hasText(captcha)) {
             throw new OAuth2AuthenticationException("无效请求，验证码不能为空！");
         }
 
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java
index e2ed2355..08cd27f1 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/phone/PhoneGrantAuthenticationProvider.java
@@ -68,11 +68,11 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider
 
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        PasswordGrantAuthenticationToken passwordGrantAuthenticationToken =  (PasswordGrantAuthenticationToken) authentication;
-        Map<String, Object> additionalParameter = passwordGrantAuthenticationToken.getAdditionalParameters();
+        PhoneGrantAuthenticationToken phoneGrantAuthenticationToken =  (PhoneGrantAuthenticationToken) authentication;
+        Map<String, Object> additionalParameter = phoneGrantAuthenticationToken.getAdditionalParameters();
 
         // 授权类型
-        AuthorizationGrantType authorizationGrantType = passwordGrantAuthenticationToken.getGrantType();
+        AuthorizationGrantType authorizationGrantType = phoneGrantAuthenticationToken.getGrantType();
         // 手机号
         String phone = (String) additionalParameter.get("mobile");
 
@@ -102,7 +102,7 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider
             throw new JeecgBootException("手机验证码错误");
         }
 
-        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(passwordGrantAuthenticationToken);
+        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(phoneGrantAuthenticationToken);
         RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
         if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
@@ -118,7 +118,7 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider
                 .authorizationServerContext(AuthorizationServerContextHolder.getContext())
                 .authorizationGrantType(authorizationGrantType)
                 .authorizedScopes(requestScopeSet)
-                .authorizationGrant(passwordGrantAuthenticationToken);
+                .authorizationGrant(phoneGrantAuthenticationToken);
 
         OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
                 .principalName(clientPrincipal.getName())
@@ -195,7 +195,7 @@ public class PhoneGrantAuthenticationProvider implements AuthenticationProvider
 
     @Override
     public boolean supports(Class<?> authentication) {
-        return PasswordGrantAuthenticationToken.class.isAssignableFrom(authentication);
+        return PhoneGrantAuthenticationToken.class.isAssignableFrom(authentication);
     }
 
     private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationConvert.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationConvert.java
new file mode 100644
index 00000000..67a43bd3
--- /dev/null
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationConvert.java
@@ -0,0 +1,80 @@
+package org.jeecg.config.security.social;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.AllArgsConstructor;
+import org.jeecg.config.security.LoginType;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
+import org.springframework.security.web.authentication.AuthenticationConverter;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.util.StringUtils;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author EightMonth
+ * @date 2024/1/1
+ */
+@AllArgsConstructor
+public class SocialGrantAuthenticationConvert implements AuthenticationConverter {
+    @Override
+    public Authentication convert(HttpServletRequest request) {
+
+        String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
+        if (!LoginType.SOCIAL.equals(grantType)) {
+            return null;
+        }
+
+        Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
+
+        //从request中提取请求参数，然后存入MultiValueMap<String, String>
+        MultiValueMap<String, String> parameters = getParameters(request);
+
+        String token = parameters.getFirst("token");
+        if (!StringUtils.hasText(token)) {
+            throw new OAuth2AuthenticationException("无效请求，三方token不能为空！");
+        }
+
+        String source = parameters.getFirst("thirdType");
+        if (!StringUtils.hasText(source)) {
+            throw new OAuth2AuthenticationException("无效请求，三方来源不能为空！");
+        }
+
+        //收集要传入PhoneGrantAuthenticationToken构造方法的参数，
+        //该参数接下来在PhoneGrantAuthenticationProvider中使用
+        Map<String, Object> additionalParameters = new HashMap<>();
+        //遍历从request中提取的参数，排除掉grant_type、client_id、code等字段参数，其他参数收集到additionalParameters中
+        parameters.forEach((key, value) -> {
+            if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
+                    !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
+                    !key.equals(OAuth2ParameterNames.CODE)) {
+                additionalParameters.put(key, value.get(0));
+            }
+        });
+
+        //返回自定义的PhoneGrantAuthenticationToken对象
+        return new SocialGrantAuthenticationToken(clientPrincipal, additionalParameters);
+
+    }
+
+    /**
+     *从request中提取请求参数，然后存入MultiValueMap<String, String>
+     */
+    private static MultiValueMap<String, String> getParameters(HttpServletRequest request) {
+        Map<String, String[]> parameterMap = request.getParameterMap();
+        MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>(parameterMap.size());
+        parameterMap.forEach((key, values) -> {
+            if (values.length > 0) {
+                for (String value : values) {
+                    parameters.add(key, value);
+                }
+            }
+        });
+        return parameters;
+    }
+
+}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java
new file mode 100644
index 00000000..9371dcd4
--- /dev/null
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationProvider.java
@@ -0,0 +1,253 @@
+package org.jeecg.config.security.social;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import lombok.extern.slf4j.Slf4j;
+import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.constant.CommonConstant;
+import org.jeecg.common.exception.JeecgBootException;
+import org.jeecg.common.system.vo.LoginUser;
+import org.jeecg.common.system.vo.SysDepartModel;
+import org.jeecg.common.util.RedisUtil;
+import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.config.JeecgBaseConfig;
+import org.jeecg.config.security.password.PasswordGrantAuthenticationToken;
+import org.jeecg.modules.base.service.BaseCommonService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.oauth2.core.*;
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
+import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
+import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
+import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
+import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
+import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
+import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
+import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
+import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
+import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
+import org.springframework.util.Assert;
+
+import java.security.Principal;
+import java.util.*;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+/**
+ * @author EightMonth
+ * @date 2024/1/1
+ */
+@Slf4j
+public class SocialGrantAuthenticationProvider implements AuthenticationProvider {
+
+    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
+
+    private final OAuth2AuthorizationService authorizationService;
+    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
+    @Autowired
+    private CommonAPI commonAPI;
+    @Autowired
+    private RedisUtil redisUtil;
+    @Autowired
+    private JeecgBaseConfig jeecgBaseConfig;
+    @Autowired
+    private BaseCommonService baseCommonService;
+
+    public SocialGrantAuthenticationProvider(OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) {
+        Assert.notNull(authorizationService, "authorizationService cannot be null");
+        Assert.notNull(tokenGenerator, "tokenGenerator cannot be null");
+        this.authorizationService = authorizationService;
+        this.tokenGenerator = tokenGenerator;
+    }
+
+    @Override
+    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+        SocialGrantAuthenticationToken socialGrantAuthenticationToken =  (SocialGrantAuthenticationToken) authentication;
+        Map<String, Object> additionalParameter = socialGrantAuthenticationToken.getAdditionalParameters();
+
+        // 授权类型
+        AuthorizationGrantType authorizationGrantType = socialGrantAuthenticationToken.getGrantType();
+        // 三方token
+        String token = (String) additionalParameter.get("token");
+        // 三方来源
+        String source = (String) additionalParameter.get("thirdType");
+
+        //请求参数权限范围
+        String requestScopesStr = (String)additionalParameter.getOrDefault(OAuth2ParameterNames.SCOPE, "*");
+        //请求参数权限范围专场集合
+        Set<String> requestScopeSet = Stream.of(requestScopesStr.split(" ")).collect(Collectors.toSet());
+
+        DecodedJWT jwt = JWT.decode(token);
+        String username = jwt.getClaim("username").asString();
+
+        LoginUser loginUser = commonAPI.getUserByName(username);
+        // 检查用户可行性
+        checkUserIsEffective(loginUser);
+
+        OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(socialGrantAuthenticationToken);
+        RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
+
+        if (!registeredClient.getAuthorizationGrantTypes().contains(authorizationGrantType)) {
+            throw new JeecgBootException("非法登录");
+        }
+
+        //由于在上面已验证过用户名、密码，现在构建一个已认证的对象UsernamePasswordAuthenticationToken
+        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = UsernamePasswordAuthenticationToken.authenticated(loginUser,clientPrincipal,new ArrayList<>());
+
+        DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
+                .registeredClient(registeredClient)
+                .principal(usernamePasswordAuthenticationToken)
+                .authorizationServerContext(AuthorizationServerContextHolder.getContext())
+                .authorizationGrantType(authorizationGrantType)
+                .authorizedScopes(requestScopeSet)
+                .authorizationGrant(socialGrantAuthenticationToken);
+
+        OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
+                .principalName(clientPrincipal.getName())
+                .authorizedScopes(requestScopeSet)
+                .attribute(Principal.class.getName(), loginUser.getUsername())
+                .authorizationGrantType(authorizationGrantType);
+
+
+        // ----- Access token -----
+        OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
+        OAuth2Token generatedAccessToken = this.tokenGenerator.generate(tokenContext);
+        if (generatedAccessToken == null) {
+            OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR,
+                    "无法生成访问token，请联系管理系。", ERROR_URI);
+            throw new OAuth2AuthenticationException(error);
+        }
+        OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
+                generatedAccessToken.getTokenValue(), generatedAccessToken.getIssuedAt(),
+                generatedAccessToken.getExpiresAt(), tokenContext.getAuthorizedScopes());
+        if (generatedAccessToken instanceof ClaimAccessor) {
+            authorizationBuilder.token(accessToken, (metadata) -> {
+                    metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME, ((ClaimAccessor) generatedAccessToken).getClaims());
+            });
+        } else {
+            authorizationBuilder.accessToken(accessToken);
+        }
+
+        // ----- Refresh token -----
+        OAuth2RefreshToken refreshToken = null;
+        if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.REFRESH_TOKEN) &&
+                // 不向公共客户端颁发刷新令牌
+                !clientPrincipal.getClientAuthenticationMethod().equals(ClientAuthenticationMethod.NONE)) {
+
+            tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build();
+            OAuth2Token generatedRefreshToken = this.tokenGenerator.generate(tokenContext);
+            if (!(generatedRefreshToken instanceof OAuth2RefreshToken)) {
+                OAuth2Error error = new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR,
+                        "无法生成刷新token，请联系管理员。", ERROR_URI);
+                throw new OAuth2AuthenticationException(error);
+            }
+
+            refreshToken = (OAuth2RefreshToken) generatedRefreshToken;
+            authorizationBuilder.refreshToken(refreshToken);
+        }
+
+        OAuth2Authorization authorization = authorizationBuilder.build();
+
+        authorizationService.save(authorization);
+
+        baseCommonService.addLog("用户名: " + loginUser.getUsername() + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
+
+        Map<String, Object> addition = new HashMap<>();
+        // 设置登录用户信息
+        addition.put("userInfo", loginUser);
+        addition.put("sysAllDictItems", commonAPI.queryAllDictItems());
+
+        List<SysDepartModel> departs = commonAPI.queryUserDeparts(loginUser.getId());
+        addition.put("departs", departs);
+        if (departs == null || departs.size() == 0) {
+            addition.put("multi_depart", 0);
+        } else if (departs.size() == 1) {
+            commonAPI.updateUserDepart(loginUser.getUsername(), departs.get(0).getOrgCode(),null);
+            addition.put("multi_depart", 1);
+        } else {
+            //查询当前是否有登录部门
+            if(oConvertUtils.isEmpty(loginUser.getOrgCode())){
+                commonAPI.updateUserDepart(loginUser.getUsername(), departs.get(0).getOrgCode(),null);
+            }
+            addition.put("multi_depart", 2);
+        }
+
+        return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, addition);
+    }
+
+    @Override
+    public boolean supports(Class<?> authentication) {
+        return SocialGrantAuthenticationToken.class.isAssignableFrom(authentication);
+    }
+
+    private static OAuth2ClientAuthenticationToken getAuthenticatedClientElseThrowInvalidClient(Authentication authentication) {
+        OAuth2ClientAuthenticationToken clientPrincipal = null;
+        if (OAuth2ClientAuthenticationToken.class.isAssignableFrom(authentication.getPrincipal().getClass())) {
+            clientPrincipal = (OAuth2ClientAuthenticationToken) authentication.getPrincipal();
+        }
+        if (clientPrincipal != null && clientPrincipal.isAuthenticated()) {
+            return clientPrincipal;
+        }
+        throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
+    }
+
+    /**
+     * 登录失败超出次数5 返回true
+     * @param username
+     * @return
+     */
+    private boolean isLoginFailOvertimes(String username){
+        String key = CommonConstant.LOGIN_FAIL + username;
+        Object failTime = redisUtil.get(key);
+        if(failTime!=null){
+            Integer val = Integer.parseInt(failTime.toString());
+            if(val>5){
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 记录登录失败次数
+     * @param username
+     */
+    private void addLoginFailOvertimes(String username){
+        String key = CommonConstant.LOGIN_FAIL + username;
+        Object failTime = redisUtil.get(key);
+        Integer val = 0;
+        if(failTime!=null){
+            val = Integer.parseInt(failTime.toString());
+        }
+        // 10分钟
+        redisUtil.set(key, ++val, 10);
+    }
+
+    /**
+     * 校验用户是否有效
+     */
+    private void checkUserIsEffective(LoginUser loginUser) {
+        //情况1：根据用户信息查询，该用户不存在
+        if (Objects.isNull(loginUser)) {
+            baseCommonService.addLog("用户登录失败，用户不存在！", CommonConstant.LOG_TYPE_1, null);
+            throw new JeecgBootException("该用户不存在，请注册");
+        }
+        //情况2：根据用户信息查询，该用户已注销
+        //update-begin---author:王帅   Date:20200601  for：if条件永远为falsebug------------
+        if (CommonConstant.DEL_FLAG_1.equals(loginUser.getDelFlag())) {
+            //update-end---author:王帅   Date:20200601  for：if条件永远为falsebug------------
+            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已注销！", CommonConstant.LOG_TYPE_1, null);
+            throw new JeecgBootException("该用户已注销");
+        }
+        //情况3：根据用户信息查询，该用户已冻结
+        if (CommonConstant.USER_FREEZE.equals(loginUser.getStatus())) {
+            baseCommonService.addLog("用户登录失败，用户名:" + loginUser.getUsername() + "已冻结！", CommonConstant.LOG_TYPE_1, null);
+            throw new JeecgBootException("该用户已冻结");
+        }
+    }
+
+}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationToken.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationToken.java
new file mode 100644
index 00000000..455824d0
--- /dev/null
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/social/SocialGrantAuthenticationToken.java
@@ -0,0 +1,20 @@
+package org.jeecg.config.security.social;
+
+import org.jeecg.config.security.LoginType;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
+
+import java.util.Map;
+
+/**
+ * @author EightMonth
+ * @date 2024/1/1
+ */
+public class SocialGrantAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
+
+    public SocialGrantAuthenticationToken(Authentication clientPrincipal, Map<String, Object> additionalParameters) {
+        super(new AuthorizationGrantType(LoginType.SOCIAL), clientPrincipal, additionalParameters);
+    }
+
+}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/JwtToken.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/JwtToken.java
deleted file mode 100644
index 0507c541..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/JwtToken.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package org.jeecg.config.shiro;
- 
-import org.apache.shiro.authc.AuthenticationToken;
-
-/**
- * @Author Scott
- * @create 2018-07-12 15:19
- * @desc
- **/
-public class JwtToken implements AuthenticationToken {
-	
-	private static final long serialVersionUID = 1L;
-	private String token;
- 
-    public JwtToken(String token) {
-        this.token = token;
-    }
- 
-    @Override
-    public Object getPrincipal() {
-        return token;
-    }
- 
-    @Override
-    public Object getCredentials() {
-        return token;
-    }
-}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
deleted file mode 100644
index 136751b7..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
+++ /dev/null
@@ -1,301 +0,0 @@
-package org.jeecg.config.shiro;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
-import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
-import org.apache.shiro.mgt.DefaultSubjectDAO;
-import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.spring.LifecycleBeanPostProcessor;
-import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
-import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
-import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
-import org.crazycake.shiro.*;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.JeecgBaseConfig;
-import org.jeecg.config.shiro.filters.CustomShiroFilterFactoryBean;
-import org.jeecg.config.shiro.filters.JwtFilter;
-import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.DependsOn;
-import org.springframework.core.env.Environment;
-import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
-import org.springframework.util.CollectionUtils;
-import org.springframework.util.StringUtils;
-import redis.clients.jedis.HostAndPort;
-import redis.clients.jedis.JedisCluster;
-
-import jakarta.annotation.Resource;
-import jakarta.servlet.Filter;
-import java.util.*;
-import java.util.stream.Collectors;
-
-/**
- * @author: Scott
- * @date: 2018/2/7
- * @description: shiro 配置类
- */
-
-@Slf4j
-//@Configuration
-public class ShiroConfig {
-
-    @Resource
-    private LettuceConnectionFactory lettuceConnectionFactory;
-    @Autowired
-    private Environment env;
-    @Resource
-    private JeecgBaseConfig jeecgBaseConfig;
-    @Autowired(required = false)
-    private RedisProperties redisProperties;
-
-    /**
-     * Filter Chain定义说明
-     *
-     * 1、一个URL可以配置多个Filter，使用逗号分隔
-     * 2、当设置多个过滤器时，全部验证通过，才视为通过
-     * 3、部分过滤器可指定参数，如perms，roles
-     */
-    @Bean("shiroFilterFactoryBean")
-    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
-        CustomShiroFilterFactoryBean shiroFilterFactoryBean = new CustomShiroFilterFactoryBean();
-        shiroFilterFactoryBean.setSecurityManager(securityManager);
-        // 拦截器
-        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
-
-        //支持yml方式，配置拦截排除
-        if(jeecgBaseConfig!=null && jeecgBaseConfig.getShiro()!=null){
-            String shiroExcludeUrls = jeecgBaseConfig.getShiro().getExcludeUrls();
-            if(oConvertUtils.isNotEmpty(shiroExcludeUrls)){
-                String[] permissionUrl = shiroExcludeUrls.split(",");
-                for(String url : permissionUrl){
-                    filterChainDefinitionMap.put(url,"anon");
-                }
-            }
-        }
-        // 配置不会被拦截的链接 顺序判断
-        filterChainDefinitionMap.put("/sys/cas/client/validateLogin", "anon"); //cas验证登录
-        filterChainDefinitionMap.put("/sys/randomImage/**", "anon"); //登录验证码接口排除
-        filterChainDefinitionMap.put("/sys/checkCaptcha", "anon"); //登录验证码接口排除
-        filterChainDefinitionMap.put("/sys/login", "anon"); //登录接口排除
-        filterChainDefinitionMap.put("/sys/mLogin", "anon"); //登录接口排除
-        filterChainDefinitionMap.put("/sys/logout", "anon"); //登出接口排除
-        filterChainDefinitionMap.put("/sys/thirdLogin/**", "anon"); //第三方登录
-        filterChainDefinitionMap.put("/sys/getEncryptedString", "anon"); //获取加密串
-        filterChainDefinitionMap.put("/sys/sms", "anon");//短信验证码
-        filterChainDefinitionMap.put("/sys/phoneLogin", "anon");//手机登录
-        filterChainDefinitionMap.put("/sys/user/checkOnlyUser", "anon");//校验用户是否存在
-        filterChainDefinitionMap.put("/sys/user/register", "anon");//用户注册
-        filterChainDefinitionMap.put("/sys/user/phoneVerification", "anon");//用户忘记密码验证手机号
-        filterChainDefinitionMap.put("/sys/user/passwordChange", "anon");//用户更改密码
-        filterChainDefinitionMap.put("/auth/2step-code", "anon");//登录验证码
-        filterChainDefinitionMap.put("/sys/common/static/**", "anon");//图片预览 &下载文件不限制token
-        filterChainDefinitionMap.put("/sys/common/pdf/**", "anon");//pdf预览
-        filterChainDefinitionMap.put("/generic/**", "anon");//pdf预览需要文件
-
-        filterChainDefinitionMap.put("/sys/getLoginQrcode/**", "anon"); //登录二维码
-        filterChainDefinitionMap.put("/sys/getQrcodeToken/**", "anon"); //监听扫码
-        filterChainDefinitionMap.put("/sys/checkAuth", "anon"); //授权接口排除
-
-
-        filterChainDefinitionMap.put("/", "anon");
-        filterChainDefinitionMap.put("/doc.html", "anon");
-        filterChainDefinitionMap.put("/**/*.js", "anon");
-        filterChainDefinitionMap.put("/**/*.css", "anon");
-        filterChainDefinitionMap.put("/**/*.html", "anon");
-        filterChainDefinitionMap.put("/**/*.svg", "anon");
-        filterChainDefinitionMap.put("/**/*.pdf", "anon");
-        filterChainDefinitionMap.put("/**/*.jpg", "anon");
-        filterChainDefinitionMap.put("/**/*.png", "anon");
-        filterChainDefinitionMap.put("/**/*.gif", "anon");
-        filterChainDefinitionMap.put("/**/*.ico", "anon");
-        filterChainDefinitionMap.put("/**/*.ttf", "anon");
-        filterChainDefinitionMap.put("/**/*.woff", "anon");
-        filterChainDefinitionMap.put("/**/*.woff2", "anon");
-
-        filterChainDefinitionMap.put("/druid/**", "anon");
-        filterChainDefinitionMap.put("/swagger-ui.html", "anon");
-        filterChainDefinitionMap.put("/swagger**/**", "anon");
-        filterChainDefinitionMap.put("/webjars/**", "anon");
-        filterChainDefinitionMap.put("/v3/**", "anon");
-        // 企业微信证书排除
-        filterChainDefinitionMap.put("/WW_verify*", "anon");
-
-        filterChainDefinitionMap.put("/sys/annountCement/show/**", "anon");
-
-        //积木报表排除
-        filterChainDefinitionMap.put("/jmreport/**", "anon");
-        filterChainDefinitionMap.put("/**/*.js.map", "anon");
-        filterChainDefinitionMap.put("/**/*.css.map", "anon");
-        
-        //拖拽仪表盘设计器排除
-        filterChainDefinitionMap.put("/drag/view", "anon");
-        filterChainDefinitionMap.put("/drag/page/queryById", "anon");
-        filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getAllChartData", "anon");
-        filterChainDefinitionMap.put("/drag/onlDragDatasetHead/getTotalData", "anon");
-        filterChainDefinitionMap.put("/drag/mock/json/**", "anon");
-        //大屏模板例子
-        filterChainDefinitionMap.put("/test/bigScreen/**", "anon");
-        filterChainDefinitionMap.put("/bigscreen/template1/**", "anon");
-        filterChainDefinitionMap.put("/bigscreen/template1/**", "anon");
-        //filterChainDefinitionMap.put("/test/jeecgDemo/rabbitMqClientTest/**", "anon"); //MQ测试
-        //filterChainDefinitionMap.put("/test/jeecgDemo/html", "anon"); //模板页面
-        //filterChainDefinitionMap.put("/test/jeecgDemo/redis/**", "anon"); //redis测试
-
-        //websocket排除
-        filterChainDefinitionMap.put("/websocket/**", "anon");//系统通知和公告
-        filterChainDefinitionMap.put("/newsWebsocket/**", "anon");//CMS模块
-        filterChainDefinitionMap.put("/vxeSocket/**", "anon");//JVxeTable无痕刷新示例
-
-        //性能监控——安全隐患泄露TOEKN（durid连接池也有）
-        //filterChainDefinitionMap.put("/actuator/**", "anon");
-        //测试模块排除
-        filterChainDefinitionMap.put("/test/seata/**", "anon");
-
-        // update-begin--author:liusq Date:20230522 for：[issues/4829]访问不存在的url时会提示Token失效，请重新登录呢
-        //错误路径排除
-        filterChainDefinitionMap.put("/error", "anon");
-        // update-end--author:liusq Date:20230522 for：[issues/4829]访问不存在的url时会提示Token失效，请重新登录呢
-
-        // 添加自己的过滤器并且取名为jwt
-        Map<String, Filter> filterMap = new HashMap<String, Filter>(1);
-        //如果cloudServer为空 则说明是单体 需要加载跨域配置【微服务跨域切换】
-        Object cloudServer = env.getProperty(CommonConstant.CLOUD_SERVER_KEY);
-        filterMap.put("jwt", new JwtFilter(cloudServer==null));
-        shiroFilterFactoryBean.setFilters(filterMap);
-        // <!-- 过滤链定义，从上向下顺序执行，一般将/**放在最为下边
-        filterChainDefinitionMap.put("/**", "jwt");
-
-        // 未授权界面返回JSON
-        shiroFilterFactoryBean.setUnauthorizedUrl("/sys/common/403");
-        shiroFilterFactoryBean.setLoginUrl("/sys/common/403");
-        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
-        return shiroFilterFactoryBean;
-    }
-
-    @Bean("securityManager")
-    public DefaultWebSecurityManager securityManager(ShiroRealm myRealm) {
-        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
-        securityManager.setRealm(myRealm);
-
-        /*
-         * 关闭shiro自带的session，详情见文档
-         * http://shiro.apache.org/session-management.html#SessionManagement-
-         * StatelessApplications%28Sessionless%29
-         */
-        DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
-        DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
-        defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
-        subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator);
-        securityManager.setSubjectDAO(subjectDAO);
-        //自定义缓存实现,使用redis
-        securityManager.setCacheManager(redisCacheManager());
-        return securityManager;
-    }
-
-    /**
-     * 下面的代码是添加注解支持
-     * @return
-     */
-    @Bean
-    @DependsOn("lifecycleBeanPostProcessor")
-    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
-        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
-        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
-        /**
-         * 解决重复代理问题 github#994
-         * 添加前缀判断 不匹配 任何Advisor
-         */
-        defaultAdvisorAutoProxyCreator.setUsePrefix(true);
-        defaultAdvisorAutoProxyCreator.setAdvisorBeanNamePrefix("_no_advisor");
-        return defaultAdvisorAutoProxyCreator;
-    }
-
-    @Bean
-    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
-        return new LifecycleBeanPostProcessor();
-    }
-
-    @Bean
-    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
-        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
-        advisor.setSecurityManager(securityManager);
-        return advisor;
-    }
-
-    /**
-     * cacheManager 缓存 redis实现
-     * 使用的是shiro-redis开源插件
-     *
-     * @return
-     */
-    public RedisCacheManager redisCacheManager() {
-        log.info("===============(1)创建缓存管理器RedisCacheManager");
-        RedisCacheManager redisCacheManager = new RedisCacheManager();
-        redisCacheManager.setRedisManager(redisManager());
-        //redis中针对不同用户缓存(此处的id需要对应user实体中的id字段,用于唯一标识)
-        redisCacheManager.setPrincipalIdFieldName("id");
-        //用户权限信息缓存时间
-        redisCacheManager.setExpire(200000);
-        return redisCacheManager;
-    }
-
-    /**
-     * 配置shiro redisManager
-     * 使用的是shiro-redis开源插件
-     *
-     * @return
-     */
-    @Bean
-    public IRedisManager redisManager() {
-        log.info("===============(2)创建RedisManager,连接Redis..");
-        IRedisManager manager;
-
-        // sentinel cluster redis
-        if (Objects.nonNull(redisProperties)
-                && Objects.nonNull(redisProperties.getSentinel())
-                && !CollectionUtils.isEmpty(redisProperties.getSentinel().getNodes())) {
-            RedisSentinelManager sentinelManager = new RedisSentinelManager();
-            sentinelManager.setMasterName(redisProperties.getSentinel().getMaster());
-            sentinelManager.setHost(String.join(",", redisProperties.getSentinel().getNodes()));
-            sentinelManager.setPassword(redisProperties.getSentinel().getPassword());
-            sentinelManager.setDatabase(redisProperties.getDatabase());
-
-            return sentinelManager;
-        }
-        // redis 单机支持，在集群为空，或者集群无机器时候使用 add by jzyadmin@163.com
-        if (lettuceConnectionFactory.getClusterConfiguration() == null || lettuceConnectionFactory.getClusterConfiguration().getClusterNodes().isEmpty()) {
-            RedisManager redisManager = new RedisManager();
-            redisManager.setHost(lettuceConnectionFactory.getHostName() + ":" + lettuceConnectionFactory.getPort());
-            //(lettuceConnectionFactory.getPort());
-            redisManager.setDatabase(lettuceConnectionFactory.getDatabase());
-            redisManager.setTimeout(0);
-            if (!StringUtils.isEmpty(lettuceConnectionFactory.getPassword())) {
-                redisManager.setPassword(lettuceConnectionFactory.getPassword());
-            }
-            manager = redisManager;
-        }else{
-            // redis集群支持，优先使用集群配置
-            RedisClusterManager redisManager = new RedisClusterManager();
-            Set<HostAndPort> portSet = new HashSet<>();
-            lettuceConnectionFactory.getClusterConfiguration().getClusterNodes().forEach(node -> portSet.add(new HostAndPort(node.getHost() , node.getPort())));
-            //update-begin--Author:scott Date:20210531 for：修改集群模式下未设置redis密码的bug issues/I3QNIC
-            if (oConvertUtils.isNotEmpty(lettuceConnectionFactory.getPassword())) {
-                JedisCluster jedisCluster = new JedisCluster(portSet, 2000, 2000, 5,
-                    lettuceConnectionFactory.getPassword(), new GenericObjectPoolConfig());
-                redisManager.setPassword(lettuceConnectionFactory.getPassword());
-                redisManager.setJedisCluster(jedisCluster);
-            } else {
-                JedisCluster jedisCluster = new JedisCluster(portSet);
-                redisManager.setJedisCluster(jedisCluster);
-            }
-            //update-end--Author:scott Date:20210531 for：修改集群模式下未设置redis密码的bug issues/I3QNIC
-            manager = redisManager;
-        }
-        return manager;
-    }
-
-}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
deleted file mode 100644
index 3f1ee9cb..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
+++ /dev/null
@@ -1,228 +0,0 @@
-package org.jeecg.config.shiro;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.SimpleAuthenticationInfo;
-import org.apache.shiro.authz.AuthorizationInfo;
-import org.apache.shiro.authz.SimpleAuthorizationInfo;
-import org.apache.shiro.realm.AuthorizingRealm;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.jeecg.common.api.CommonAPI;
-import org.jeecg.common.config.TenantContext;
-import org.jeecg.common.constant.CacheConstant;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.system.util.JwtUtil;
-import org.jeecg.common.system.vo.LoginUser;
-import org.jeecg.common.util.RedisUtil;
-import org.jeecg.common.util.SpringContextUtils;
-import org.jeecg.common.util.TokenUtils;
-import org.jeecg.common.util.oConvertUtils;
-import org.springframework.context.annotation.Lazy;
-
-import jakarta.annotation.Resource;
-import jakarta.servlet.http.HttpServletRequest;
-import java.util.Set;
-
-/**
- * @Description: 用户登录鉴权和获取用户授权
- * @Author: Scott
- * @Date: 2019-4-23 8:13
- * @Version: 1.1
- */
-//@Component
-@Slf4j
-public class ShiroRealm extends AuthorizingRealm {
-	@Lazy
-    @Resource
-    private CommonAPI commonApi;
-
-    @Lazy
-    @Resource
-    private RedisUtil redisUtil;
-
-    /**
-     * 必须重写此方法，不然Shiro会报错
-     */
-    @Override
-    public boolean supports(AuthenticationToken token) {
-        return token instanceof JwtToken;
-    }
-
-    /**
-     * 权限信息认证(包括角色以及权限)是用户访问controller的时候才进行验证(redis存储的此处权限信息)
-     * 触发检测用户权限时才会调用此方法，例如checkRole,checkPermission
-     *
-     * @param principals 身份信息
-     * @return AuthorizationInfo 权限信息
-     */
-    @Override
-    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-        log.debug("===============Shiro权限认证开始============ [ roles、permissions]==========");
-        String username = null;
-        if (principals != null) {
-            LoginUser sysUser = (LoginUser) principals.getPrimaryPrincipal();
-            username = sysUser.getUsername();
-        }
-        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
-
-        // 设置用户拥有的角色集合，比如“admin,test”
-        Set<String> roleSet = commonApi.queryUserRoles(username);
-        //System.out.println(roleSet.toString());
-        info.setRoles(roleSet);
-
-        // 设置用户拥有的权限集合，比如“sys:role:add,sys:user:add”
-        Set<String> permissionSet = commonApi.queryUserAuths(username);
-        info.addStringPermissions(permissionSet);
-        //System.out.println(permissionSet);
-        log.info("===============Shiro权限认证成功==============");
-        return info;
-    }
-
-    /**
-     * 用户信息认证是在用户进行登录的时候进行验证(不存redis)
-     * 也就是说验证用户输入的账号和密码是否正确，错误抛出异常
-     *
-     * @param auth 用户登录的账号密码信息
-     * @return 返回封装了用户信息的 AuthenticationInfo 实例
-     * @throws AuthenticationException
-     */
-    @Override
-    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
-        log.debug("===============Shiro身份认证开始============doGetAuthenticationInfo==========");
-        String token = (String) auth.getCredentials();
-        if (token == null) {
-            HttpServletRequest req = SpringContextUtils.getHttpServletRequest();
-            log.info("————————身份认证失败——————————IP地址:  "+ oConvertUtils.getIpAddrByRequest(req) +"，URL:"+req.getRequestURI());
-            throw new AuthenticationException("token为空!");
-        }
-        // 校验token有效性
-        LoginUser loginUser = null;
-        try {
-            loginUser = this.checkUserTokenIsEffect(token);
-        } catch (AuthenticationException e) {
-            JwtUtil.responseError(SpringContextUtils.getHttpServletResponse(),401,e.getMessage());
-            e.printStackTrace();
-            return null;
-        }
-        return new SimpleAuthenticationInfo(loginUser, token, getName());
-    }
-
-    /**
-     * 校验token的有效性
-     *
-     * @param token
-     */
-    public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
-        // 解密获得username，用于和数据库进行对比
-        String username = JwtUtil.getUsername(token);
-        if (username == null) {
-            throw new AuthenticationException("token非法无效!");
-        }
-
-        // 查询用户信息
-        log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
-        LoginUser loginUser = TokenUtils.getLoginUser(username, commonApi, redisUtil);
-        //LoginUser loginUser = commonApi.getUserByName(username);
-        if (loginUser == null) {
-            throw new AuthenticationException("用户不存在!");
-        }
-        // 判断用户状态
-        if (loginUser.getStatus() != 1) {
-            throw new AuthenticationException("账号已被锁定,请联系管理员!");
-        }
-        // 校验token是否超时失效 & 或者账号密码是否错误
-        if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
-            throw new AuthenticationException(CommonConstant.TOKEN_IS_INVALID_MSG);
-        }
-        //update-begin-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
-        String userTenantIds = loginUser.getRelTenantIds();
-        if(oConvertUtils.isNotEmpty(userTenantIds)){
-            String contextTenantId = TenantContext.getTenant();
-            log.debug("登录租户：" + contextTenantId);
-            log.debug("用户拥有那些租户：" + userTenantIds);
-             //登录用户无租户，前端header中租户ID值为 0
-            String str ="0";
-            if(oConvertUtils.isNotEmpty(contextTenantId) && !str.equals(contextTenantId)){
-                //update-begin-author:taoyan date:20211227 for: /issues/I4O14W 用户租户信息变更判断漏洞
-                String[] arr = userTenantIds.split(",");
-                if(!oConvertUtils.isIn(contextTenantId, arr)){
-                    boolean isAuthorization = false;
-                    //========================================================================
-                    // 查询用户信息（如果租户不匹配从数据库中重新查询一次用户信息）
-                    String loginUserKey = CacheConstant.SYS_USERS_CACHE + "::" + username;
-                    redisUtil.del(loginUserKey);
-                    LoginUser loginUserFromDb = commonApi.getUserByName(username);
-                    if (oConvertUtils.isNotEmpty(loginUserFromDb.getRelTenantIds())) {
-                        String[] newArray = loginUserFromDb.getRelTenantIds().split(",");
-                        if (oConvertUtils.isIn(contextTenantId, newArray)) { 
-                            isAuthorization = true;
-                        }
-                    }
-                    //========================================================================
-
-                    //*********************************************
-                    if(!isAuthorization){
-                        log.info("租户异常——登录租户：" + contextTenantId);
-                        log.info("租户异常——用户拥有租户组：" + userTenantIds);
-                        throw new AuthenticationException("登录租户授权变更，请重新登陆!");
-                    }
-                    //*********************************************
-                }
-                //update-end-author:taoyan date:20211227 for: /issues/I4O14W 用户租户信息变更判断漏洞
-            }
-        }
-        //update-end-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
-        return loginUser;
-    }
-
-    /**
-     * JWTToken刷新生命周期 （实现： 用户在线操作不掉线功能）
-     * 1、登录成功后将用户的JWT生成的Token作为k、v存储到cache缓存里面(这时候k、v值一样)，缓存有效期设置为Jwt有效时间的2倍
-     * 2、当该用户再次请求时，通过JWTFilter层层校验之后会进入到doGetAuthenticationInfo进行身份验证
-     * 3、当该用户这次请求jwt生成的token值已经超时，但该token对应cache中的k还是存在，则表示该用户一直在操作只是JWT的token失效了，程序会给token对应的k映射的v值重新生成JWTToken并覆盖v值，该缓存生命周期重新计算
-     * 4、当该用户这次请求jwt在生成的token值已经超时，并在cache中不存在对应的k，则表示该用户账户空闲超时，返回用户信息已失效，请重新登录。
-     * 注意： 前端请求Header中设置Authorization保持不变，校验有效性以缓存中的token为准。
-     *       用户过期时间 = Jwt有效时间 * 2。
-     *
-     * @param userName
-     * @param passWord
-     * @return
-     */
-    public boolean jwtTokenRefresh(String token, String userName, String passWord) {
-        String cacheToken = String.valueOf(redisUtil.get(CommonConstant.PREFIX_USER_TOKEN + token));
-        if (oConvertUtils.isNotEmpty(cacheToken)) {
-            // 校验token有效性
-            if (!JwtUtil.verify(cacheToken, userName, passWord)) {
-                String newAuthorization = JwtUtil.sign(userName, passWord);
-                // 设置超时时间
-                redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, newAuthorization);
-                redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME *2 / 1000);
-                log.debug("——————————用户在线操作，更新token保证不掉线—————————jwtTokenRefresh——————— "+ token);
-            }
-            //update-begin--Author:scott  Date:20191005  for：解决每次请求，都重写redis中 token缓存问题
-//			else {
-//				// 设置超时时间
-//				redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, cacheToken);
-//				redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME / 1000);
-//			}
-            //update-end--Author:scott  Date:20191005   for：解决每次请求，都重写redis中 token缓存问题
-            return true;
-        }
-
-        //redis中不存在此TOEKN，说明token非法返回false
-        return false;
-    }
-
-    /**
-     * 清除当前用户的权限认证缓存
-     *
-     * @param principals 权限信息
-     */
-    @Override
-    public void clearCache(PrincipalCollection principals) {
-        super.clearCache(principals);
-    }
-
-}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/CustomShiroFilterFactoryBean.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/CustomShiroFilterFactoryBean.java
deleted file mode 100644
index db852351..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/CustomShiroFilterFactoryBean.java
+++ /dev/null
@@ -1,77 +0,0 @@
-package org.jeecg.config.shiro.filters;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
-import org.apache.shiro.web.filter.InvalidRequestFilter;
-import org.apache.shiro.web.filter.mgt.DefaultFilter;
-import org.apache.shiro.web.filter.mgt.FilterChainManager;
-import org.apache.shiro.web.filter.mgt.FilterChainResolver;
-import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
-import org.apache.shiro.web.mgt.WebSecurityManager;
-import org.apache.shiro.web.servlet.AbstractShiroFilter;
-import org.apache.shiro.mgt.SecurityManager;
-import org.springframework.beans.factory.BeanInitializationException;
-
-import jakarta.servlet.Filter;
-import java.util.Map;
-
-/**
- * 自定义ShiroFilterFactoryBean解决资源中文路径问题
- * @author: jeecg-boot
- */
-@Slf4j
-public class CustomShiroFilterFactoryBean extends ShiroFilterFactoryBean {
-    @Override
-    public Class getObjectType() {
-        return MySpringShiroFilter.class;
-    }
-
-    @Override
-    protected AbstractShiroFilter createInstance() throws Exception {
-
-        SecurityManager securityManager = getSecurityManager();
-        if (securityManager == null) {
-            String msg = "SecurityManager property must be set.";
-            throw new BeanInitializationException(msg);
-        }
-
-        if (!(securityManager instanceof WebSecurityManager)) {
-            String msg = "The security manager does not implement the WebSecurityManager interface.";
-            throw new BeanInitializationException(msg);
-        }
-
-        FilterChainManager manager = createFilterChainManager();
-        //Expose the constructed FilterChainManager by first wrapping it in a
-        // FilterChainResolver implementation. The AbstractShiroFilter implementations
-        // do not know about FilterChainManagers - only resolvers:
-        PathMatchingFilterChainResolver chainResolver = new PathMatchingFilterChainResolver();
-        chainResolver.setFilterChainManager(manager);
-
-        Map<String, Filter> filterMap = manager.getFilters();
-        Filter invalidRequestFilter = filterMap.get(DefaultFilter.invalidRequest.name());
-        if (invalidRequestFilter instanceof InvalidRequestFilter) {
-            //此处是关键,设置false跳过URL携带中文400，servletPath中文校验bug
-            ((InvalidRequestFilter) invalidRequestFilter).setBlockNonAscii(false);
-        }
-        //Now create a concrete ShiroFilter instance and apply the acquired SecurityManager and built
-        //FilterChainResolver.  It doesn't matter that the instance is an anonymous inner class
-        //here - we're just using it because it is a concrete AbstractShiroFilter instance that accepts
-        //injection of the SecurityManager and FilterChainResolver:
-        return new MySpringShiroFilter((WebSecurityManager) securityManager, chainResolver);
-    }
-
-    private static final class MySpringShiroFilter extends AbstractShiroFilter {
-        protected MySpringShiroFilter(WebSecurityManager webSecurityManager, FilterChainResolver resolver) {
-            if (webSecurityManager == null) {
-                throw new IllegalArgumentException("WebSecurityManager property cannot be null.");
-            } else {
-                this.setSecurityManager(webSecurityManager);
-                if (resolver != null) {
-                    this.setFilterChainResolver(resolver);
-                }
-
-            }
-        }
-    }
-
-}
\ No newline at end of file
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java
deleted file mode 100644
index 78a161a8..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java
+++ /dev/null
@@ -1,124 +0,0 @@
-package org.jeecg.config.shiro.filters;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
-import org.jeecg.common.config.TenantContext;
-import org.jeecg.common.constant.CommonConstant;
-import org.jeecg.common.system.util.JwtUtil;
-import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.config.shiro.JwtToken;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpStatus;
-import org.springframework.web.bind.annotation.RequestMethod;
-
-import jakarta.servlet.ServletRequest;
-import jakarta.servlet.ServletResponse;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * @Description: 鉴权登录拦截器
- * @Author: Scott
- * @Date: 2018/10/7
- **/
-@Slf4j
-public class JwtFilter extends BasicHttpAuthenticationFilter {
-
-    /**
-     * 默认开启跨域设置（使用单体）
-     * 微服务情况下，此属性设置为false
-     */
-    private boolean allowOrigin = true;
-
-    public JwtFilter(){}
-    public JwtFilter(boolean allowOrigin){
-        this.allowOrigin = allowOrigin;
-    }
-
-    /**
-     * 执行登录认证
-     *
-     * @param request
-     * @param response
-     * @param mappedValue
-     * @return
-     */
-    @Override
-    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
-        try {
-            executeLogin(request, response);
-            return true;
-        } catch (Exception e) {
-            JwtUtil.responseError(response,401,CommonConstant.TOKEN_IS_INVALID_MSG);
-            return false;
-            //throw new AuthenticationException("Token失效，请重新登录", e);
-        }
-    }
-
-    /**
-     *
-     */
-    @Override
-    protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
-        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
-        String token = httpServletRequest.getHeader(CommonConstant.X_ACCESS_TOKEN);
-        // update-begin--Author:lvdandan Date:20210105 for：JT-355 OA聊天添加token验证，获取token参数
-        if (oConvertUtils.isEmpty(token)) {
-            token = httpServletRequest.getParameter("token");
-        }
-        // update-end--Author:lvdandan Date:20210105 for：JT-355 OA聊天添加token验证，获取token参数
-
-        JwtToken jwtToken = new JwtToken(token);
-        // 提交给realm进行登入，如果错误他会抛出异常并被捕获
-        getSubject(request, response).login(jwtToken);
-        // 如果没有抛出异常则代表登入成功，返回true
-        return true;
-    }
-
-    /**
-     * 对跨域提供支持
-     */
-    @Override
-    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
-        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
-        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
-        if(allowOrigin){
-            httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, httpServletRequest.getHeader(HttpHeaders.ORIGIN));
-            // 允许客户端请求方法
-            httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET,POST,OPTIONS,PUT,DELETE");
-            // 允许客户端提交的Header
-            String requestHeaders = httpServletRequest.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
-            if (StringUtils.isNotEmpty(requestHeaders)) {
-                httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders);
-            }
-            // 允许客户端携带凭证信息(是否允许发送Cookie)
-            httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
-        }
-        // 跨域时会首先发送一个option请求，这里我们给option请求直接返回正常状态
-        if (RequestMethod.OPTIONS.name().equalsIgnoreCase(httpServletRequest.getMethod())) {
-            httpServletResponse.setStatus(HttpStatus.OK.value());
-            return false;
-        }
-        //update-begin-author:taoyan date:20200708 for:多租户用到
-        String tenantId = httpServletRequest.getHeader(CommonConstant.TENANT_ID);
-        TenantContext.setTenant(tenantId);
-        //update-end-author:taoyan date:20200708 for:多租户用到
-
-        return super.preHandle(request, response);
-    }
-
-    /**
-     * JwtFilter中ThreadLocal需要及时清除 #3634
-     *
-     * @param request
-     * @param response
-     * @param exception
-     * @throws Exception
-     */
-    @Override
-    public void afterCompletion(ServletRequest request, ServletResponse response, Exception exception) throws Exception {
-        //log.info("------清空线程中多租户的ID={}------",TenantContext.getTenant());
-        TenantContext.clear();
-    }
-}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/ResourceCheckFilter.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/ResourceCheckFilter.java
deleted file mode 100644
index f34248ef..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/ResourceCheckFilter.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package org.jeecg.config.shiro.filters;
-
-import jakarta.servlet.ServletRequest;
-import jakarta.servlet.ServletResponse;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.web.filter.AccessControlFilter;
-import lombok.extern.slf4j.Slf4j;
-
-/**
- * @Author Scott
- * @create 2019-02-01 15:56
- * @desc 鉴权请求URL访问权限拦截器
- */
-@Slf4j
-public class ResourceCheckFilter extends AccessControlFilter {
-
-    private String errorUrl;
-
-    public String getErrorUrl() {
-        return errorUrl;
-    }
-
-    public void setErrorUrl(String errorUrl) {
-        this.errorUrl = errorUrl;
-    }
-
-    /**
-     * 表示是否允许访问 ，如果允许访问返回true，否则false；
-     *
-     * @param servletRequest
-     * @param servletResponse
-     * @param o               表示写在拦截器中括号里面的字符串 mappedValue 就是 [urls] 配置中拦截器参数部分
-     * @return
-     * @throws Exception
-     */
-    @Override
-    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
-        Subject subject = getSubject(servletRequest, servletResponse);
-        String url = getPathWithinApplication(servletRequest);
-        log.info("当前用户正在访问的 url => " + url);
-        return subject.isPermitted(url);
-    }
-
-    /**
-     * onAccessDenied：表示当访问拒绝时是否已经处理了； 如果返回 true 表示需要继续处理； 如果返回 false
-     * 表示该拦截器实例已经处理了，将直接返回即可。
-     *
-     * @param servletRequest
-     * @param servletResponse
-     * @return
-     * @throws Exception
-     */
-    @Override
-    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
-        log.info("当 isAccessAllowed 返回 false 的时候，才会执行 method onAccessDenied ");
-
-        HttpServletRequest request = (HttpServletRequest) servletRequest;
-        HttpServletResponse response = (HttpServletResponse) servletResponse;
-        response.sendRedirect(request.getContextPath() + this.errorUrl);
-
-        // 返回 false 表示已经处理，例如页面跳转啥的，表示不在走以下的拦截器了（如果还有配置的话）
-        return false;
-    }
-
-}
\ No newline at end of file
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Shiro.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Shiro.java
deleted file mode 100644
index bcb87102..00000000
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/vo/Shiro.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package org.jeecg.config.vo;
-
-/**
- * @Description: TODO
- * @author: scott
- * @date: 2022年01月21日 14:23
- */
-public class Shiro {
-    private String excludeUrls = "";
-
-    public String getExcludeUrls() {
-        return excludeUrls;
-    }
-
-    public void setExcludeUrls(String excludeUrls) {
-        this.excludeUrls = excludeUrls;
-    }
-}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java b/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java
index cffd2f21..15e98b93 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java
@@ -2,8 +2,8 @@ package org.jeecg.modules.base.service.impl;
 
 import com.baomidou.mybatisplus.core.toolkit.IdWorker;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.dto.LogDTO;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.mapper.BaseCommonMapper;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.common.system.vo.LoginUser;
@@ -61,7 +61,7 @@ public class BaseCommonServiceImpl implements BaseCommonService {
         //获取登录用户信息
         if(user==null){
             try {
-                user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+                user = SecureUtil.currentUser();
             } catch (Exception e) {
                 //e.printStackTrace();
             }
diff --git a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
index e29b9074..bd513379 100644
--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java
@@ -11,8 +11,6 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.mgt.DefaultSecurityManager;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.aspect.annotation.PermissionData;
diff --git a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java
index 79597706..7b840af0 100644
--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java
@@ -9,7 +9,6 @@ import com.alibaba.fastjson.JSON;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
diff --git a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java
index 5a202c51..bf165c09 100644
--- a/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java
+++ b/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java
@@ -4,7 +4,6 @@ import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java
index 6f40f016..eaefea37 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java
@@ -2,8 +2,6 @@ package org.jeecg.modules.oss.controller;
 
 import jakarta.servlet.http.HttpServletRequest;
 
-import org.apache.shiro.authz.annotation.RequiresPermissions;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.modules.oss.entity.OssFile;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java
index 905cae48..bd1b0306 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java
@@ -7,9 +7,6 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.SymbolConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
index 96651be1..4ec6e130 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
@@ -10,8 +10,6 @@ import com.baomidou.mybatisplus.core.toolkit.IdWorker;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java
index 3280d970..8ca42ecf 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java
@@ -10,7 +10,6 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.jeecg.dingtalk.api.core.response.Response;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java
index d935a26c..1ced47d5 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java
@@ -6,7 +6,6 @@ import java.util.Date;
 import com.alibaba.fastjson.JSON;
 import jakarta.servlet.http.HttpServletRequest;
 
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.DataBaseConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java
index 76c48c47..6a87c6b9 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java
@@ -7,7 +7,6 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java
index 0d33ab91..5deb44d3 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java
@@ -12,7 +12,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.config.TenantContext;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java
index 9a293e1c..a3ca10b9 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java
@@ -6,8 +6,6 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CacheConstant;
@@ -369,7 +367,7 @@ public class SysDepartController {
         //导出文件名称
         mv.addObject(NormalExcelConstants.FILE_NAME, "部门列表");
         mv.addObject(NormalExcelConstants.CLASS, SysDepart.class);
-        LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+        LoginUser user = SecureUtil.currentUser();
         mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("部门列表数据", "导出人:"+user.getRealname(), "导出信息"));
         mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
         return mv;
@@ -611,7 +609,7 @@ public class SysDepartController {
 		//导出文件名称
 		mv.addObject(NormalExcelConstants.FILE_NAME, "部门列表");
 		mv.addObject(NormalExcelConstants.CLASS, ExportDepartVo.class);
-		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+		LoginUser user = SecureUtil.currentUser();
 		mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("部门列表数据", "导出人:"+user.getRealname(), "导出信息"));
 		mv.addObject(NormalExcelConstants.DATA_LIST, pageList);
 		return mv;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java
index bdc6a7b7..42ac754b 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java
@@ -11,7 +11,6 @@ import jakarta.servlet.http.HttpServletResponse;
 
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.system.query.QueryGenerator;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java
index c0f12630..91875f8e 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java
@@ -7,8 +7,6 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CacheConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java
index d3d33ead..9859772d 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictItemController.java
@@ -10,8 +10,6 @@ import jakarta.servlet.http.HttpServletRequest;
 
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.system.query.QueryGenerator;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java
index be7ce33c..7b646b96 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java
@@ -5,7 +5,6 @@ import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.util.oConvertUtils;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPermissionController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPermissionController.java
index 2c39345c..98d2bd83 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPermissionController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPermissionController.java
@@ -7,7 +7,6 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.SymbolConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java
index e75ce683..d0f41bf5 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java
@@ -8,7 +8,6 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
 import org.jeecg.common.config.TenantContext;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java
index 25baeb5c..bebf3f86 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java
@@ -14,7 +14,6 @@ import jakarta.servlet.http.HttpServletResponse;
 
 import cn.hutool.core.util.RandomUtil;
 import com.baomidou.mybatisplus.extension.plugins.pagination.PageDTO;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
@@ -48,7 +47,6 @@ import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
 import org.springframework.web.servlet.ModelAndView;
 import org.jeecg.common.system.vo.LoginUser;
-import org.apache.shiro.SecurityUtils;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@@ -239,7 +237,7 @@ public class SysRoleController {
 			if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL){
 				int tenantId = oConvertUtils.getInt(TenantContext.getTenant(), 0);
 				String[] roleIds = ids.split(SymbolConstant.COMMA);
-				LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+				LoginUser sysUser = SecureUtil.currentUser();
 				String username = "admin";
 				for (String id:roleIds) {
 					Long getRoleCount = sysRoleService.getRoleCountByTenantId(id, tenantId);
@@ -380,7 +378,7 @@ public class SysRoleController {
 		//导出文件名称
 		mv.addObject(NormalExcelConstants.FILE_NAME,"角色列表");
 		mv.addObject(NormalExcelConstants.CLASS,SysRole.class);
-		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+		LoginUser user = SecureUtil.currentUser();
 		mv.addObject(NormalExcelConstants.PARAMS,new ExportParams("角色列表数据","导出人:"+user.getRealname(),"导出信息"));
 		mv.addObject(NormalExcelConstants.DATA_LIST,pageList);
 		return mv;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java
index 23b2568e..18e1cfb9 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java
@@ -8,8 +8,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.aspect.annotation.AutoLog;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java
index 7c177241..1e3d4073 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java
@@ -8,7 +8,6 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.PermissionData;
 import org.jeecg.common.config.TenantContext;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserAgentController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserAgentController.java
index 4ab7c84f..5d59e76f 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserAgentController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserAgentController.java
@@ -10,11 +10,11 @@ import java.util.Map;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.system.entity.SysUserAgent;
 import org.jeecg.modules.system.service.ISysUserAgentService;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
@@ -216,7 +216,7 @@ public class SysUserAgentController {
       //导出文件名称
       mv.addObject(NormalExcelConstants.FILE_NAME, "用户代理人设置列表");
       mv.addObject(NormalExcelConstants.CLASS, SysUserAgent.class);
-      LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser user = SecureUtil.currentUser();
 	  ExportParams exportParams = new ExportParams("用户代理人设置列表数据", "导出人:"+user.getRealname(), "导出信息");
 	  exportParams.setImageBasePath(upLoadPath);
       mv.addObject(NormalExcelConstants.PARAMS, exportParams);
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java
index a0fce83a..dd91d82a 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java
@@ -11,15 +11,13 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.PermissionData;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.SymbolConstant;
 import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.modules.base.service.BaseCommonService;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.util.JwtUtil;
@@ -338,7 +336,7 @@ public class SysUserController {
         }
         sysUser.setId(u.getId());
         //update-begin---author:wangshuai ---date:20220316  for：[VUEN-234]修改密码添加敏感日志------------
-        LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+        LoginUser loginUser = SecureUtil.currentUser();
         baseCommonService.addLog("修改用户 "+sysUser.getUsername()+" 的密码，操作人： " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
         //update-end---author:wangshuai ---date:20220316  for：[VUEN-234]修改密码添加敏感日志------------
         return sysUserService.changePassword(sysUser);
@@ -470,7 +468,7 @@ public class SysUserController {
         //导出文件名称
         mv.addObject(NormalExcelConstants.FILE_NAME, "用户列表");
         mv.addObject(NormalExcelConstants.CLASS, SysUser.class);
-		LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+		LoginUser user = SecureUtil.currentUser();
         ExportParams exportParams = new ExportParams("用户列表数据", "导出人:"+user.getRealname(), "导出信息");
         exportParams.setImageBasePath(upLoadPath);
         mv.addObject(NormalExcelConstants.PARAMS, exportParams);
@@ -606,7 +604,7 @@ public class SysUserController {
 		String oldpassword = json.getString("oldpassword");
 		String password = json.getString("password");
 		String confirmpassword = json.getString("confirmpassword");
-        LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
+        LoginUser sysUser = SecureUtil.currentUser();
         if(!sysUser.getUsername().equals(username)){
             return Result.error("只允许修改自己的密码！");
         }
@@ -615,7 +613,7 @@ public class SysUserController {
 			return Result.error("用户不存在！");
 		}
         //update-begin---author:wangshuai ---date:20220316  for：[VUEN-234]修改密码添加敏感日志------------
-        LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+        LoginUser loginUser = SecureUtil.currentUser();
         baseCommonService.addLog("修改密码，username： " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
         //update-end---author:wangshuai ---date:20220316  for：[VUEN-234]修改密码添加敏感日志------------
 		return sysUserService.resetPassword(username,oldpassword,password,confirmpassword);
@@ -728,7 +726,7 @@ public class SysUserController {
         List<String> subDepids = new ArrayList<>();
         //部门id为空时，查询我的部门下所有用户
         if(oConvertUtils.isEmpty(depId)){
-            LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+            LoginUser user = SecureUtil.currentUser();
             int userIdentity = user.getUserIdentity() != null?user.getUserIdentity():CommonConstant.USER_IDENTITY_1;
             if(oConvertUtils.isNotEmpty(userIdentity) && userIdentity == CommonConstant.USER_IDENTITY_2 ){
                 subDepids = sysDepartService.getMySubDepIdsByDepId(user.getDepartIds());
@@ -917,7 +915,7 @@ public class SysUserController {
     public Result<Map<String,Object>> getCurrentUserDeparts() {
         Result<Map<String,Object>> result = new Result<Map<String,Object>>();
         try {
-        	LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
+        	LoginUser sysUser = SecureUtil.currentUser();
             List<SysDepart> list = this.sysDepartService.queryUserDeparts(sysUser.getId());
             Map<String,Object> map = new HashMap(5);
             map.put("list", list);
@@ -1780,7 +1778,7 @@ public class SysUserController {
     public Result<?> changeLoginTenantId(@RequestBody SysUser sysUser){
         Result<String> result = new Result<>();
         Integer tenantId = sysUser.getLoginTenantId();
-        LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+        LoginUser loginUser = SecureUtil.currentUser();
         String userId = loginUser.getId();
         
         // 判断 指定的租户ID是不是当前登录用户的租户
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java
index 80411b8a..ecf3125f 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java
@@ -3,7 +3,6 @@ package org.jeecg.modules.system.controller;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
@@ -17,7 +16,11 @@ import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
 import org.jeecg.modules.system.vo.SysUserOnlineVO;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cache.CacheManager;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
+import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
+import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
 import org.springframework.web.bind.annotation.*;
 
 import jakarta.annotation.Resource;
@@ -48,6 +51,10 @@ public class SysUserOnlineController {
 
     @Resource
     private BaseCommonService baseCommonService;
+    @Autowired
+    private OAuth2AuthorizationService authorizationService;
+    @Autowired
+    private CacheManager cacheManager;
 
     @RequestMapping(value = "/list", method = RequestMethod.GET)
     public Result<Page<SysUserOnlineVO>> list(@RequestParam(name="username", required=false) String username,
@@ -120,8 +127,13 @@ public class SysUserOnlineController {
             redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
             //清空用户的缓存信息（包括部门信息），例如sys:cache:user::<username>
             redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
-            //调用shiro的logout
-            SecurityUtils.getSubject().logout();
+            //调用logout
+            OAuth2Authorization authorization = authorizationService.findByToken(online.getToken(), OAuth2TokenType.ACCESS_TOKEN);
+
+            // 清空用户信息
+            cacheManager.getCache("user_details").evict(authorization.getPrincipalName());
+            // 清空access token
+            authorizationService.remove(authorization);
             return Result.ok("退出登录成功！");
         }else {
             return Result.error("Token无效!");
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java
index d7148658..874b2e32 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java
@@ -6,7 +6,6 @@ import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.jeecg.dingtalk.api.core.response.Response;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.dto.message.MessageDTO;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java
index a98658fd..efcfa601 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java
@@ -8,7 +8,6 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.config.security.utils.SecureUtil;
 import org.springframework.format.annotation.DateTimeFormat;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java
index 9f9d03cd..9d4fcbb9 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java
@@ -5,7 +5,6 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java
index 4edb7054..17edec22 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java
@@ -12,7 +12,6 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import io.netty.util.internal.StringUtil;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.FillRuleConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java
index 34c75c17..f31237aa 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java
@@ -2,7 +2,6 @@ package org.jeecg.modules.system.service.impl;
 
 import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.constant.SymbolConstant;
 import org.jeecg.common.constant.TenantConstant;
 import org.jeecg.common.system.vo.LoginUser;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysThirdAccountServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysThirdAccountServiceImpl.java
index f811194a..46db8bae 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysThirdAccountServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysThirdAccountServiceImpl.java
@@ -8,7 +8,6 @@ import com.jeecg.dingtalk.api.core.response.Response;
 import com.jeecg.dingtalk.api.core.vo.AccessToken;
 import com.jeecg.dingtalk.api.user.JdtUserAPI;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.system.vo.LoginUser;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserDepartServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserDepartServiceImpl.java
index baf8e82d..d4d32e0d 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserDepartServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserDepartServiceImpl.java
@@ -6,7 +6,6 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.apache.commons.lang3.StringUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.config.TenantContext;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.SymbolConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java
index 83d5644f..b90fe78f 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java
@@ -15,7 +15,6 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang3.ObjectUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.dto.message.MessageDTO;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.config.TenantContext;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java
index 2adde8d8..bd6d97a2 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java
@@ -4,7 +4,6 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import org.apache.commons.lang.StringUtils;
-import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.constant.SymbolConstant;
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index f43ff702..aeb9e939 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -35,7 +35,7 @@ import com.alibaba.fastjson.JSON;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 <#assign bpm_flag=false>
 <#list originalColumns as po>
 <#if po.fieldDbName=='bpm_status'>
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index 97b0bf34..882c0856 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -18,7 +18,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams;
 import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.jeecg.common.system.vo.LoginUser;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.util.oConvertUtils;
@@ -45,7 +45,7 @@ import com.alibaba.fastjson.JSON;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 <#assign bpm_flag=false>
 <#list originalColumns as po>
 <#if po.fieldDbName=='bpm_status'>
@@ -209,7 +209,7 @@ public class ${entityName}Controller {
     public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) {
       // Step.1 组装查询条件查询数据
       QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap());
-      LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser sysUser = SecureUtil.currentUser();
 
       //配置选中数据查询条件
       String selections = request.getParameter("selections");
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index 9bf46b0d..39adec72 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -34,7 +34,7 @@ import org.springframework.web.multipart.MultipartHttpServletRequest;
 import org.springframework.web.servlet.ModelAndView;
 import com.alibaba.fastjson.JSON;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index aa42756e..5ffaf8ce 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -25,7 +25,7 @@ import ${bussiPackage}.${entityPackage}.service.I${sub.entityName}Service;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
 import org.jeecgframework.poi.excel.def.NormalExcelConstants;
@@ -38,7 +38,7 @@ import java.io.IOException;
 import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 
  /**
  * @Description: ${tableVo.ftlDescription}
@@ -241,7 +241,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e
     public ModelAndView export${sub.entityName}(HttpServletRequest request, ${sub.entityName} ${sub.entityName?uncap_first}) {
 		 // Step.1 组装查询条件
 		 QueryWrapper<${sub.entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${sub.entityName?uncap_first}, request.getParameterMap());
-		 LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+		 LoginUser sysUser = SecureUtil.currentUser();
 
 		 // Step.2 获取导出数据
 		 List<${sub.entityName}> pageList = ${sub.entityName?uncap_first}Service.list(queryWrapper);
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index 00a7ddc1..3f0d8e37 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -18,7 +18,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams;
 import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.jeecg.common.system.vo.LoginUser;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.util.oConvertUtils;
@@ -45,7 +45,7 @@ import com.alibaba.fastjson.JSON;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 
  /**
  * @Description: ${tableVo.ftlDescription}
@@ -204,7 +204,7 @@ public class ${entityName}Controller {
     public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) {
       // Step.1 组装查询条件查询数据
       QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap());
-      LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser sysUser = SecureUtil.currentUser();
 
      //配置选中数据查询条件
       String selections = request.getParameter("selections");
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index 9d7b4778..4bd4b267 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -18,7 +18,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams;
 import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.jeecg.common.system.vo.LoginUser;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.util.oConvertUtils;
@@ -45,7 +45,7 @@ import com.alibaba.fastjson.JSON;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 
 <#assign bpm_flag=false>
 <#list originalColumns as po>
@@ -210,7 +210,7 @@ public class ${entityName}Controller {
     public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) {
       // Step.1 组装查询条件查询数据
       QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap());
-      LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser sysUser = SecureUtil.currentUser();
 
       //配置选中数据查询条件
       String selections = request.getParameter("selections");
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index 75db7263..e57f2841 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -18,7 +18,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams;
 import org.jeecgframework.poi.excel.entity.ImportParams;
 import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
 import org.jeecg.common.system.vo.LoginUser;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.util.oConvertUtils;
@@ -45,7 +45,7 @@ import com.alibaba.fastjson.JSON;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.security.access.prepost.PreAuthorize;
 
  /**
  * @Description: ${tableVo.ftlDescription}
@@ -200,7 +200,7 @@ public class ${entityName}Controller {
     public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) {
       // Step.1 组装查询条件查询数据
       QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap());
-      LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser sysUser = SecureUtil.currentUser();
 
       //配置选中数据查询条件
        String selections = request.getParameter("selections");
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index 7574260e..a8642814 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -11,7 +11,7 @@ import java.util.Map;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.jeecg.common.system.vo.LoginUser;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
 import org.jeecgframework.poi.excel.def.NormalExcelConstants;
 import org.jeecgframework.poi.excel.entity.ExportParams;
@@ -185,7 +185,7 @@ public class ${entityName}Controller {
   public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) {
       // Step.1 组装查询条件
       QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap());
-      LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser sysUser = SecureUtil.currentUser();
 
       //Step.2 获取导出数据
       List<${entityName}Page> pageList = new ArrayList<${entityName}Page>();
diff --git a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
index c652ab17..f29f07cd 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
+++ b/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai
@@ -10,7 +10,7 @@ import java.util.Map;
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import org.apache.shiro.SecurityUtils;
+import org.jeecg.config.security.utils.SecureUtil;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
 import org.jeecgframework.poi.excel.def.NormalExcelConstants;
 import org.jeecgframework.poi.excel.entity.ExportParams;
@@ -273,7 +273,7 @@ ${sub.entityName?uncap_first}.get${key}()!=null<#rt/>
     public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) {
       // Step.1 组装查询条件
       QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap());
-      LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+      LoginUser sysUser = SecureUtil.currentUser();
 
       //Step.2 获取导出数据
       List<${entityName}Page> pageList = new ArrayList<${entityName}Page>();
diff --git a/jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml b/jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml
index b6c5e609..b599d74a 100644
--- a/jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml
+++ b/jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml
@@ -196,8 +196,6 @@ jeecg:
     upload: /opt/upFiles
     #webapp文件路径
     webapp: /opt/webapp
-  shiro:
-    excludeUrls: /test/jeecgDemo/demo3,/test/jeecgDemo/redisDemo/**,/jmreport/bigscreen2/**
   #阿里云oss存储和大鱼短信秘钥配置
   oss:
     accessKey: ??
@@ -286,3 +284,11 @@ justauth:
     type: default
     prefix: 'demo::'
     timeout: 1h
+
+security:
+  oauth2:
+    client:
+      ignore-urls:
+        - /test/jeecgDemo/demo3
+        - /test/jeecgDemo/redisDemo/**
+        - /jmreport/bigscreen2/**
\ No newline at end of file
diff --git a/jeecg-module-system/jeecg-system-start/src/main/resources/application-prod.yml b/jeecg-module-system/jeecg-system-start/src/main/resources/application-prod.yml
index 9d91fc23..7eb0ef64 100644
--- a/jeecg-module-system/jeecg-system-start/src/main/resources/application-prod.yml
+++ b/jeecg-module-system/jeecg-system-start/src/main/resources/application-prod.yml
@@ -196,8 +196,6 @@ jeecg:
     upload: /opt/jeecg-boot/upload
     #webapp文件路径
     webapp: /opt/jeecg-boot/webapp
-  shiro:
-    excludeUrls: /test/jeecgDemo/demo3,/test/jeecgDemo/redisDemo/**,/jmreport/bigscreen2/**,/api/getUserInfo
   #阿里云oss存储和大鱼短信秘钥配置
   oss:
     accessKey: ??
@@ -287,3 +285,12 @@ justauth:
     type: default
     prefix: 'demo::'
     timeout: 1h
+
+security:
+  oauth2:
+    client:
+      ignore-urls:
+        - /test/jeecgDemo/demo3
+        - /test/jeecgDemo/redisDemo/**
+        - /jmreport/bigscreen2/**
+        - /api/getUserInfo
\ No newline at end of file
diff --git a/jeecg-module-system/jeecg-system-start/src/main/resources/application-test.yml b/jeecg-module-system/jeecg-system-start/src/main/resources/application-test.yml
index 5233441b..461cf63c 100644
--- a/jeecg-module-system/jeecg-system-start/src/main/resources/application-test.yml
+++ b/jeecg-module-system/jeecg-system-start/src/main/resources/application-test.yml
@@ -195,8 +195,6 @@ jeecg:
     upload: D://opt//upFiles
     #webapp文件路径
     webapp: D://opt//webapp
-  shiro:
-    excludeUrls: /test/jeecgDemo/demo3,/test/jeecgDemo/redisDemo/**,/jmreport/bigscreen2/**
   #阿里云oss存储和大鱼短信秘钥配置
   oss:
     accessKey: ??
@@ -286,3 +284,11 @@ justauth:
     type: default
     prefix: 'demo::'
     timeout: 1h
+
+security:
+  oauth2:
+    client:
+      ignore-urls:
+        - /test/jeecgDemo/demo3
+        - /test/jeecgDemo/redisDemo/**
+        - /jmreport/bigscreen2/**
\ No newline at end of file
diff --git a/jeecg-server-cloud/jeecg-cloud-nacos/docs/config/jeecg-dev.yaml b/jeecg-server-cloud/jeecg-cloud-nacos/docs/config/jeecg-dev.yaml
index d9296fd7..56554928 100644
--- a/jeecg-server-cloud/jeecg-cloud-nacos/docs/config/jeecg-dev.yaml
+++ b/jeecg-server-cloud/jeecg-cloud-nacos/docs/config/jeecg-dev.yaml
@@ -63,8 +63,6 @@ jeecg:
   path:
     upload: /opt/upFiles
     webapp: /opt/webapp
-  shiro:
-    excludeUrls: /test/jeecgDemo/demo3,/test/jeecgDemo/redisDemo/**,/category/**,/visual/**,/map/**,/jmreport/bigscreen2/**
   oss:
     endpoint: oss-cn-beijing.aliyuncs.com
     accessKey: ??
@@ -144,4 +142,15 @@ third-app:
       enabled: false
       client-id: ??
       client-secret: ??
-      agent-id: ??
\ No newline at end of file
+      agent-id: ??
+
+security:
+  oauth2:
+    client:
+      ignore-urls:
+        - /test/jeecgDemo/demo3
+        - /test/jeecgDemo/redisDemo/**
+        - /category/**
+        - /visual/**
+        - /map/**
+        - /jmreport/bigscreen2/**
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 724ba787..3c9710d6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -60,14 +60,12 @@
 		<commons.version>2.6</commons.version>
 		<aliyun-java-sdk-dysmsapi.version>2.1.0</aliyun-java-sdk-dysmsapi.version>
 		<aliyun.oss.version>3.17.3</aliyun.oss.version>
-		<!-- shiro -->
-		<shiro.version>1.12.0</shiro.version>
 		<java-jwt.version>3.11.0</java-jwt.version>
-		<shiro-redis.version>3.2.2</shiro-redis.version>
 		<codegenerate.version>1.4.4</codegenerate.version>
 		<autopoi-web.version>1.4.7</autopoi-web.version>
 		<minio.version>8.5.7</minio.version>
-		<justauth-spring-boot-starter.version>1.3.4</justauth-spring-boot-starter.version>
+		<justauth-spring-boot-starter.version>1.4.0</justauth-spring-boot-starter.version>
+		<justauth.version>1.16.6</justauth.version>
 		<dom4j.version>1.6.1</dom4j.version>
 		<qiniu-java-sdk.version>7.4.0</qiniu-java-sdk.version>
 		<!-- Log4j2爆雷漏洞 -->
@@ -317,6 +315,12 @@
 					</exclusion>
 				</exclusions>
 			</dependency>
+			<!-- 更新 justauth 修复github登录问题 -->
+			<dependency>
+				<groupId>me.zhyd.oauth</groupId>
+				<artifactId>JustAuth</artifactId>
+				<version>${justauth.version}</version>
+			</dependency>
 			<dependency>
 				<groupId>com.squareup.okhttp3</groupId>
 				<artifactId>okhttp</artifactId>