diff --git a/maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java b/maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java
index 5696c3773..932d2a688 100644
--- a/maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java
@@ -8,14 +8,9 @@ import org.springframework.context.annotation.PropertySource;
 import org.springframework.stereotype.Component;
 
 /**
- * 全局应用程序配置
- * 包含
- * 	1、数据源配置 dataSoruceConfig
- * 	2、字符集转换配置 characterEncodingConfig
- * 	3、webseal认证集成配置 webSealConfig
- * 	4、系统的配置 sysConfig
- *  5、所有用户可访问地址配置  allAccessUrl
- *  
+ * 全局应用程序配置 包含 1、数据源配置 dataSoruceConfig 2、字符集转换配置 characterEncodingConfig
+ * 3、webseal认证集成配置 webSealConfig 4、系统的配置 sysConfig 5、所有用户可访问地址配置 allAccessUrl
+ * 
  * 其中1、2、3项在applicationContext.xml中配置，配置文件applicationConfig.properties
  * 4项根据dynamic的属性判断是否动态从sysConfigService动态读取
  * 
@@ -25,195 +20,185 @@ import org.springframework.stereotype.Component;
 @Component
 @PropertySource("classpath:/config/applicationConfig.properties")
 public class ApplicationConfig {
-	private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class);
-	@Autowired
-	DataSoruceConfig dataSoruceConfig;
-	@Autowired
-	EmailConfig emailConfig;
-	@Autowired
-	CharacterEncodingConfig characterEncodingConfig;
-	@Autowired
-	LoginConfig loginConfig;
-	
-	@Value("${config.server.domain}")
-	String domainName;
-	
-	@Value("${config.server.domain.sub}")
-	String subDomainName;
-	
-	@Value("${config.server.name}")
-	String serverName;
-	
-	@Value("${config.server.prefix.uri}")
-	String serverPrefix;
-	
-	@Value("${config.server.default.uri}")
-	String defaultUri;
-	
-	@Value("${config.server.manage.uri}")
-	String manageUri;
-	
-	/*
-	//is enable whiteList for ipAddress filter
-	boolean whiteList;
-	
-	//All user have permission Access URL
-	public  ConcurrentHashMap<String,String> anonymousAccessUrls;
-	*/
-	
-	
-	
-	
-	public ApplicationConfig() {
-		super();
-		
-		/*anonymousAccessUrls=new ConcurrentHashMap<String,String>();
-		anonymousAccessUrls.put("/index/", "/index/");
-		anonymousAccessUrls.put("/index/top","/index/top/");
-		anonymousAccessUrls.put("/index/left/","/index/left/");
-		anonymousAccessUrls.put("/index/main/","/index/main/");
-		anonymousAccessUrls.put("/index/bottom/","/index/bottom/");
-		
-		anonymousAccessUrls.put("/menus/onelevelchild/","/menus/onelevelchild/");
-		anonymousAccessUrls.put("/menus/leftchild/","/menus/leftchild/");
-		anonymousAccessUrls.put("/menus/loadMenu/","/menus/loadMenu/");
-		
-		anonymousAccessUrls.put("/enterprises/select/","/enterprises/select/");
-		anonymousAccessUrls.put("/employees/selectAppRoles/","/employees/selectAppRoles/");
-		anonymousAccessUrls.put("/approles/appRolesGrid/","/approles/appRolesGrid/");
-		
-		_logger.debug("Anonymous Access Urls : \n"+anonymousAccessUrls);
-		*/
-		
-	}
-	
-	public DataSoruceConfig getDataSoruceConfig() {
-		return dataSoruceConfig;
-	}
+    private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class);
+    @Autowired
+    DataSoruceConfig dataSoruceConfig;
+    @Autowired
+    EmailConfig emailConfig;
+    @Autowired
+    CharacterEncodingConfig characterEncodingConfig;
+    @Autowired
+    LoginConfig loginConfig;
 
+    @Value("${config.server.domain}")
+    String domainName;
 
-	public void setDataSoruceConfig(DataSoruceConfig dataSoruceConfig) {
-		this.dataSoruceConfig = dataSoruceConfig;
-	}
+    @Value("${config.server.domain.sub}")
+    String subDomainName;
 
-	/**
-	 * @return the characterEncodingConfig
-	 */
-	public CharacterEncodingConfig getCharacterEncodingConfig() {
-		return characterEncodingConfig;
-	}
+    @Value("${config.server.name}")
+    String serverName;
 
-	/**
-	 * @param characterEncodingConfig the characterEncodingConfig to set
-	 */
-	public void setCharacterEncodingConfig(
-			CharacterEncodingConfig characterEncodingConfig) {
-		this.characterEncodingConfig = characterEncodingConfig;
-	}
+    @Value("${config.server.prefix.uri}")
+    String serverPrefix;
 
+    @Value("${config.server.default.uri}")
+    String defaultUri;
 
-	public LoginConfig getLoginConfig() {
-		return loginConfig;
-	}
+    @Value("${config.server.manage.uri}")
+    String manageUri;
 
-	public void setLoginConfig(LoginConfig loginConfig) {
-		this.loginConfig = loginConfig;
-	}
+    /*
+     * //is enable whiteList for ipAddress filter boolean whiteList;
+     * 
+     * //All user have permission Access URL public ConcurrentHashMap<String,String>
+     * anonymousAccessUrls;
+     */
 
-	public String getServerName() {
-		return serverName;
-	}
+    public ApplicationConfig() {
+        super();
 
-	public void setServerName(String serverName) {
-		this.serverName = serverName;
-	}
+        /*
+         * anonymousAccessUrls=new ConcurrentHashMap<String,String>();
+         * anonymousAccessUrls.put("/index/", "/index/");
+         * anonymousAccessUrls.put("/index/top","/index/top/");
+         * anonymousAccessUrls.put("/index/left/","/index/left/");
+         * anonymousAccessUrls.put("/index/main/","/index/main/");
+         * anonymousAccessUrls.put("/index/bottom/","/index/bottom/");
+         * 
+         * anonymousAccessUrls.put("/menus/onelevelchild/","/menus/onelevelchild/");
+         * anonymousAccessUrls.put("/menus/leftchild/","/menus/leftchild/");
+         * anonymousAccessUrls.put("/menus/loadMenu/","/menus/loadMenu/");
+         * 
+         * anonymousAccessUrls.put("/enterprises/select/","/enterprises/select/");
+         * anonymousAccessUrls.put("/employees/selectAppRoles/",
+         * "/employees/selectAppRoles/");
+         * anonymousAccessUrls.put("/approles/appRolesGrid/","/approles/appRolesGrid/");
+         * 
+         * _logger.debug("Anonymous Access Urls : \n"+anonymousAccessUrls);
+         */
 
-	public String getServerPrefix() {
-		return serverPrefix;
-	}
+    }
 
-	public void setServerPrefix(String serverPrefix) {
-		this.serverPrefix = serverPrefix;
-	}
+    public DataSoruceConfig getDataSoruceConfig() {
+        return dataSoruceConfig;
+    }
 
-	/**
-	 * @return the domainName
-	 */
-	public String getDomainName() {
-		return domainName;
-	}
+    public void setDataSoruceConfig(DataSoruceConfig dataSoruceConfig) {
+        this.dataSoruceConfig = dataSoruceConfig;
+    }
 
-	/**
-	 * @param domainName the domainName to set
-	 */
-	public void setDomainName(String domainName) {
-		this.domainName = domainName;
-		String []domainSubStrings=domainName.split("\\.");
-		if(domainSubStrings.length>=3){
-			this.subDomainName=domainSubStrings[domainSubStrings.length-2]+"."+domainSubStrings[domainSubStrings.length-1];
-			_logger.debug("subDomainName "+subDomainName);
-		}else{
-			this.subDomainName=domainName;
-		}
-	}
+    /**
+     * @return the characterEncodingConfig
+     */
+    public CharacterEncodingConfig getCharacterEncodingConfig() {
+        return characterEncodingConfig;
+    }
 
-	public String getSubDomainName() {
-		return subDomainName;
-	}
+    /**
+     * @param characterEncodingConfig the characterEncodingConfig to set
+     */
+    public void setCharacterEncodingConfig(CharacterEncodingConfig characterEncodingConfig) {
+        this.characterEncodingConfig = characterEncodingConfig;
+    }
 
-	public void setSubDomainName(String subDomainName) {
-		this.subDomainName = subDomainName;
-	}
-	/*
-	public ConcurrentHashMap<String, String> getAnonymousAccessUrls() {
-		return anonymousAccessUrls;
-	}
+    public LoginConfig getLoginConfig() {
+        return loginConfig;
+    }
 
-	public void setAnonymousAccessUrls(ArrayList<String> anonymousAccessUrls) {
-		//this.anonymousAccessUrls = anonymousAccessUrls;
-		for (String anonymousAccessUrl: anonymousAccessUrls){
-			this.anonymousAccessUrls.put(anonymousAccessUrl,anonymousAccessUrl);
-		}
-	}
-*/
-	/**
-	 * @return the emailConfig
-	 */
-	public EmailConfig getEmailConfig() {
-		return emailConfig;
-	}
+    public void setLoginConfig(LoginConfig loginConfig) {
+        this.loginConfig = loginConfig;
+    }
 
-	/**
-	 * @param emailConfig the emailConfig to set
-	 */
-	public void setEmailConfig(EmailConfig emailConfig) {
-		this.emailConfig = emailConfig;
-	}
+    public String getServerName() {
+        return serverName;
+    }
 
+    public void setServerName(String serverName) {
+        this.serverName = serverName;
+    }
 
-	public String getManageUri() {
-		return manageUri;
-	}
+    public String getServerPrefix() {
+        return serverPrefix;
+    }
 
-	public void setManageUri(String manageUri) {
-		this.manageUri = manageUri;
-	}
+    public void setServerPrefix(String serverPrefix) {
+        this.serverPrefix = serverPrefix;
+    }
 
-	public String getDefaultUri() {
-		return defaultUri;
-	}
+    /**
+     * @return the domainName
+     */
+    public String getDomainName() {
+        return domainName;
+    }
 
-	public void setDefaultUri(String defaultUri) {
-		this.defaultUri = defaultUri;
-	}
-	
-/*
-	public boolean isWhiteList() {
-		return whiteList;
-	}
+    /**
+     * @param domainName the domainName to set
+     */
+    public void setDomainName(String domainName) {
+        this.domainName = domainName;
+        String[] domainSubStrings = domainName.split("\\.");
+        if (domainSubStrings.length >= 3) {
+            this.subDomainName = domainSubStrings[domainSubStrings.length - 2] + "."
+                    + domainSubStrings[domainSubStrings.length - 1];
+            _logger.debug("subDomainName " + subDomainName);
+        } else {
+            this.subDomainName = domainName;
+        }
+    }
+
+    public String getSubDomainName() {
+        return subDomainName;
+    }
+
+    public void setSubDomainName(String subDomainName) {
+        this.subDomainName = subDomainName;
+    }
+
+    /*
+     * public ConcurrentHashMap<String, String> getAnonymousAccessUrls() { return
+     * anonymousAccessUrls; }
+     * 
+     * public void setAnonymousAccessUrls(ArrayList<String> anonymousAccessUrls) {
+     * //this.anonymousAccessUrls = anonymousAccessUrls; for (String
+     * anonymousAccessUrl: anonymousAccessUrls){
+     * this.anonymousAccessUrls.put(anonymousAccessUrl,anonymousAccessUrl); } }
+     */
+    /**
+     * @return the emailConfig
+     */
+    public EmailConfig getEmailConfig() {
+        return emailConfig;
+    }
+
+    /**
+     * @param emailConfig the emailConfig to set
+     */
+    public void setEmailConfig(EmailConfig emailConfig) {
+        this.emailConfig = emailConfig;
+    }
+
+    public String getManageUri() {
+        return manageUri;
+    }
+
+    public void setManageUri(String manageUri) {
+        this.manageUri = manageUri;
+    }
+
+    public String getDefaultUri() {
+        return defaultUri;
+    }
+
+    public void setDefaultUri(String defaultUri) {
+        this.defaultUri = defaultUri;
+    }
+
+    /*
+     * public boolean isWhiteList() { return whiteList; }
+     * 
+     * public void setWhiteList(boolean whiteList) { this.whiteList = whiteList; }
+     */
 
-	public void setWhiteList(boolean whiteList) {
-		this.whiteList = whiteList;
-	}*/
-	
 }
diff --git a/maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java b/maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java
index dbe642891..e64e4ac65 100644
--- a/maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java
@@ -11,7 +11,7 @@ public class LoginConfig {
     boolean captcha;
     
     //验证码类型 text 文本 ， arithmetic算术验证码
-    @Value("${config.login.captcha.type}")
+    @Value("${config.login.captcha.type:text}")
     String captchaType;
     
     @Value("${config.login.onetimepwd}")
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
index 6b5983406..2d1605b2c 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
@@ -1,10 +1,17 @@
 package org.maxkey;
 
+import java.io.IOException;
+import java.util.Properties;
+
 import org.apache.catalina.Context;
 import org.apache.catalina.connector.Connector;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.maxkey.authz.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter;
+import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
+import org.maxkey.crypto.password.PasswordReciprocal;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.boot.web.server.ConfigurableWebServerFactory;
@@ -15,12 +22,19 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.ImportResource;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
 import org.springframework.http.HttpStatus;
 
+import com.google.code.kaptcha.Producer;
+import com.google.code.kaptcha.impl.DefaultKaptcha;
+import com.google.code.kaptcha.util.Config;
+
 @Configuration
 @ImportResource(locations = { "classpath:spring/maxkey.xml" })
 @PropertySource("classpath:/application.properties")
 public class MaxKeyConfig {
+    private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyConfig.class);
     @Value("${server.port:8080}")
     private int port;
 
@@ -86,5 +100,32 @@ public class MaxKeyConfig {
         tomcat.addAdditionalTomcatConnectors(connector);
         return tomcat;
     }
+    
+    @Bean(name = "passwordReciprocal")
+    public PasswordReciprocal passwordReciprocal() {
+        return new PasswordReciprocal();
+    }
+    
+    @Bean(name = "savedRequestSuccessHandler")
+    public SavedRequestAwareAuthenticationSuccessHandler SavedRequestAwareAuthenticationSuccessHandler() {
+        return new SavedRequestAwareAuthenticationSuccessHandler();
+    }
+    
+    /**
+     * Captcha Producer  Config .
+     * @return Producer
+     * @throws IOException
+     */
+    @Bean(name = "captchaProducer")
+    public Producer captchaProducer() throws IOException{
+        Resource resource = new ClassPathResource("config/kaptcha.properties");
+        _logger.debug("Kaptcha config file " + resource.getURL());
+        DefaultKaptcha  kaptcha=new DefaultKaptcha();
+        Properties properties = new Properties();
+        properties.load(resource.getInputStream());
+        Config config = new Config(properties);
+        kaptcha.setConfig(config);
+        return kaptcha;
+    }
 
 }
diff --git a/maxkey-web-maxkey/src/main/resources/config/kaptcha.properties b/maxkey-web-maxkey/src/main/resources/config/kaptcha.properties
new file mode 100644
index 000000000..ed39b3c30
--- /dev/null
+++ b/maxkey-web-maxkey/src/main/resources/config/kaptcha.properties
@@ -0,0 +1,9 @@
+kaptcha.image.width=80
+kaptcha.image.height=25
+kaptcha.border=no
+kaptcha.obscurificator.impl=com.google.code.kaptcha.impl.ShadowGimpy
+kaptcha.textproducer.font.size=23
+kaptcha.textproducer.char.string=0123456789
+kaptcha.textproducer.char.length=4
+kaptcha.noise.impl=com.google.code.kaptcha.impl.NoNoise
+#kaptcha.noise.color=white
\ No newline at end of file
diff --git a/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml b/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
index 9137eec3e..e98d886ec 100644
--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
@@ -72,12 +72,6 @@
 		
 		<ref bean="localeChangeInterceptor" />
 	</mvc:interceptors>
-     <!--
-	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
-		<constructor-arg ref="jdbcTemplate"/>
-		<property name="validity" value="${config.login.remeberme.validity}"/>
-	</bean>
-	  -->
 	  
 	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
 	</bean>
@@ -88,7 +82,6 @@
 		<property name="issuer" value="MaxKey" />
 		<property name="domain" value="MaxKey.org" />
 		<property name="period" value="30" />
-		
 	</bean>
 	
 	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
@@ -109,33 +102,6 @@
 	<!-- Authentication Password Encoder Config -->
 	<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>   
 	
-	<bean id="passwordReciprocal" class="org.maxkey.crypto.password.PasswordReciprocal"></bean>
-	
-	<!-- Captcha Producer  Config -->
-	<bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha">
-        <property name="config">
-	        <bean id="kaptchaConfig" class="com.google.code.kaptcha.util.Config">
-	             <constructor-arg type="java.util.Properties">
-	                     <props>
-	                             <prop key="kaptcha.image.width">80</prop> 
-	                             <prop key="kaptcha.image.height">25</prop>
-	                             <prop key="kaptcha.border">no</prop>
-	                             <prop key="kaptcha.obscurificator.impl">com.google.code.kaptcha.impl.ShadowGimpy</prop>
-	                             <prop key="kaptcha.textproducer.font.size">23</prop>
-	                             <prop key="kaptcha.textproducer.char.string">0123456789</prop>
-	                             <prop key="kaptcha.textproducer.char.length">4</prop>
-	                             <prop key="kaptcha.noise.impl">com.google.code.kaptcha.impl.NoNoise</prop>
-	                             <!-- 干扰线
-	                             <prop key="kaptcha.noise.color">white</prop>
-	                               -->
-	                     </props>
-	             </constructor-arg>
-	     </bean>
-	    </property>
-	</bean>
-	
-   	<bean id="savedRequestSuccessHandler" class="org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler"> </bean>
-
 	<!-- LDAP Realm 
 	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
 		<constructor-arg ref="jdbcTemplate"/>
diff --git a/maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml b/maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml
index 179f85d25..59626347f 100644
--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml
@@ -101,9 +101,6 @@
 		</property>
 	</bean>
 
-	<!-- View Resolver
-	<bean id="viewResolver"  class="org.springframework.web.servlet.view.InternalResourceViewResolver" p:prefix="/templates/" p:suffix=".jsp" p:order="2" />
-	 -->
 	<!-- upload file support -->
     <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
     	<property name="maxUploadSize" value="4194304" />