diff --git a/center.manager/src/main/java/com/lyms/cm/controller/sys/SysRolesController.java b/center.manager/src/main/java/com/lyms/cm/controller/sys/SysRolesController.java
index 5145989..053872d 100644
--- a/center.manager/src/main/java/com/lyms/cm/controller/sys/SysRolesController.java
+++ b/center.manager/src/main/java/com/lyms/cm/controller/sys/SysRolesController.java
@@ -1,8 +1,10 @@
 package com.lyms.cm.controller.sys;
 
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 import com.baomidou.mybatisplus.plugins.Page;
@@ -22,15 +24,16 @@ import com.lyms.web.controller.BaseController;
 @RequestMapping("/sysRoles")
 public class SysRolesController extends BaseController {
     
+    @Autowired
     private SysRolesService sysRolesService;
     
     
-    @RequestMapping("/list")
+    @RequestMapping("/toList")
     public String list() {
         return "/role/role_list";
     }
 
-    @RequestMapping("/getRoleList")
+    @RequestMapping(value = "/getRoleList", method = { RequestMethod.POST })
     @ResponseBody
     public java.util.Map<String, Object> getRoleList(){
         Page<SysRoles> page = getPage();
diff --git a/center.manager/src/main/java/com/lyms/cm/shiro/ShiroRealm.java b/center.manager/src/main/java/com/lyms/cm/shiro/ShiroRealm.java
index fc00073..022537b 100644
--- a/center.manager/src/main/java/com/lyms/cm/shiro/ShiroRealm.java
+++ b/center.manager/src/main/java/com/lyms/cm/shiro/ShiroRealm.java
@@ -1,40 +1,48 @@
-//package com.lyms.cm.shiro;
-//
-//import java.util.Arrays;
-//import java.util.HashSet;
-//
-//import org.apache.shiro.authc.AccountException;
-//import org.apache.shiro.authc.AuthenticationException;
-//import org.apache.shiro.authc.AuthenticationInfo;
-//import org.apache.shiro.authc.AuthenticationToken;
-//import org.apache.shiro.authc.SimpleAuthenticationInfo;
-//import org.apache.shiro.authc.UnknownAccountException;
-//import org.apache.shiro.authc.UsernamePasswordToken;
-//import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
-//import org.apache.shiro.authz.AuthorizationInfo;
-//import org.apache.shiro.authz.SimpleAuthorizationInfo;
-//import org.apache.shiro.realm.AuthorizingRealm;
-//import org.apache.shiro.subject.PrincipalCollection;
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//import org.springframework.beans.factory.annotation.Autowired;
-//
-//import com.lyms.cm.entity.sys.User;
-//import com.lyms.cm.service.sys.ResourceService;
-//import com.lyms.cm.service.sys.UserService;
-//import com.lyms.shiro.HashUtils;
-//import com.lyms.shiro.ShiroWebUtils;
-//import com.lyms.util.StrUtils;
-//
-///**
-// * <li>@ClassName: ShiroRealm
-// * <li>@Description: 自定义Realm授权与验证实现
-// * <li>@author 方承
-// * <li>@date 2015年12月29日
-// * <li>
-// */
-//public class ShiroRealm extends AuthorizingRealm {
-//
+package com.lyms.cm.shiro;
+
+import java.util.Arrays;
+import java.util.HashSet;
+
+import org.apache.shiro.authc.AccountException;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import com.lyms.shiro.HashUtils;
+import com.lyms.shiro.ShiroWebUtils;
+import com.lyms.util.StrUtils;
+
+/**
+ * <li>@ClassName: ShiroRealm
+ * <li>@Description: 自定义Realm授权与验证实现
+ * <li>@author 方承
+ * <li>@date 2015年12月29日
+ * <li>
+ */
+public class ShiroRealm extends AuthorizingRealm {
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
 //	@SuppressWarnings("unused")
 //	private static Logger logger = LoggerFactory.getLogger(ShiroRealm.class);
 //	
@@ -84,5 +92,5 @@
 //		AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, pwd.toString(), username);
 //		return authcInfo;
 //	}
-//
-//}
+
+}
diff --git a/center.manager/src/main/webapp/WEB-INF/views/role/role_list.html b/center.manager/src/main/webapp/WEB-INF/views/role/role_list.html
index 597e1bb..4ea78ff 100644
--- a/center.manager/src/main/webapp/WEB-INF/views/role/role_list.html
+++ b/center.manager/src/main/webapp/WEB-INF/views/role/role_list.html
@@ -35,7 +35,7 @@
 <script type="text/javascript">
 ## 参考 base_table_init.js 或者根据empty_bootstrap_table_init.js 来自己创建特殊的table
 ## 注意:自己创建的特殊的table不能extends base_list.html
-var default_dataUrl = "${ctx}/role/getRoleList";
+var default_dataUrl = "${ctx}/sysRoles/getRoleList";
 var default_dataColumns = [{
 						    field: 'check_state',
 						    title: '',
diff --git a/core.sdk/src/main/java/com/lyms/web/controller/BaseController.java b/core.sdk/src/main/java/com/lyms/web/controller/BaseController.java
index a8cbba6..edae07e 100644
--- a/core.sdk/src/main/java/com/lyms/web/controller/BaseController.java
+++ b/core.sdk/src/main/java/com/lyms/web/controller/BaseController.java
@@ -12,6 +12,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.propertyeditors.CustomDateEditor;
 import org.springframework.util.StringUtils;
 import org.springframework.web.bind.ServletRequestDataBinder;
@@ -32,10 +33,10 @@ public class BaseController {
 
 	protected Logger logger = LoggerFactory.getLogger(this.getClass());
 
-	// @Autowired
+	@Autowired
 	protected HttpServletRequest request;
 
-	// @Autowired
+	@Autowired
 	protected HttpServletResponse response;
 
 	@InitBinder