diff --git a/src/main/java/com/nis/web/controller/configuration/manipulation/IpMultiplexController.java b/src/main/java/com/nis/web/controller/configuration/manipulation/IpMultiplexController.java
index f64251c18..3bf354dd2 100644
--- a/src/main/java/com/nis/web/controller/configuration/manipulation/IpMultiplexController.java
+++ b/src/main/java/com/nis/web/controller/configuration/manipulation/IpMultiplexController.java
@@ -83,7 +83,7 @@ public class IpMultiplexController extends CommonController {
 		return "redirect:" + adminPath +"/manipulation/ipmulitiplex/list?functionId="+functionId;
 	}
 	@RequestMapping(value = {"/audit"})
-//	@RequiresPermissions("ip:mulitiplex:audit")
+	@RequiresPermissions("ip:mulitiplex:audit")
 	public String auditIp(String cfgName,String ids,IpPortCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditIp(cfgName,ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/manipulation/ipmulitiplex");
diff --git a/src/main/java/com/nis/web/controller/configuration/manipulation/RatelimitController.java b/src/main/java/com/nis/web/controller/configuration/manipulation/RatelimitController.java
index 41294544c..157811b5c 100644
--- a/src/main/java/com/nis/web/controller/configuration/manipulation/RatelimitController.java
+++ b/src/main/java/com/nis/web/controller/configuration/manipulation/RatelimitController.java
@@ -96,7 +96,7 @@ public class RatelimitController extends CommonController {
 		return "redirect:" + adminPath +"/manipulation/ratelimit/domain/list?functionId="+functionId;
 	}
 	@RequestMapping(value = {"/ip/audit"})
-//	@RequiresPermissions("ip:ratelimit:audit")
+	@RequiresPermissions("ip:ratelimit:audit")
 	public String auditIp(String cfgName,String ids,IpPortCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditIp(cfgName,ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/manipulation/ratelimit/ip");
@@ -104,7 +104,7 @@ public class RatelimitController extends CommonController {
 		return "redirect:" + adminPath +"/manipulation/ratelimit/ip/list?functionId="+cfg.getFunctionId();
 	}
 	@RequestMapping(value = {"/domain/audit"})
-//	@RequiresPermissions("domain:ratelimit:audit")
+	@RequiresPermissions("domain:ratelimit:audit")
 	public String auditDomain(String ids,HttpUrlCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditDomain(ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/manipulation/ratelimit/domain");
diff --git a/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java b/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java
index c59a76b52..65dc92ae0 100644
--- a/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java
+++ b/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java
@@ -56,7 +56,7 @@ public class IpController extends CommonController{
 		return "redirect:" + adminPath +"/ntc/iplist/list?functionId="+functionId;
 	}
 	@RequestMapping(value = {"audit"})
-//	@RequiresPermissions("iplist:audit")
+	@RequiresPermissions("iplist:audit")
 	public String audit(String cfgName,String ids,IpPortCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditIp(cfgName, ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/ntc/iplist");
diff --git a/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java b/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java
index 967354351..65698ce81 100644
--- a/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java
+++ b/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java
@@ -34,7 +34,7 @@ import com.nis.web.controller.BaseController;
 public class WhiteListController extends BaseController{
 	
 	@RequestMapping(value = {"ipList"})
-	@RequiresPermissions(value={"whitelist:config","whitelist:audit"},logical=Logical.OR)
+	@RequiresPermissions(value={"whitelist:ip:config","whitelist:ip:audit"},logical=Logical.OR)
 	public String ipList(Model model,@ModelAttribute("cfg")IpPortCfg cfg,HttpServletRequest request,HttpServletResponse response) {
 		cfg.setTableName(IpPortCfg.getTablename());
 		Page<BaseIpCfg> searchPage=new Page<BaseIpCfg>(request,response,"r");
@@ -44,7 +44,7 @@ public class WhiteListController extends BaseController{
 		return "/cfg/whitelist/ipList";
 	}
 	@RequestMapping(value = {"domainList"})
-	@RequiresPermissions(value={"whitelist:config","whitelist:audit"},logical=Logical.OR)
+	@RequiresPermissions(value={"whitelist:domain:config","whitelist:domain:audit"},logical=Logical.OR)
 	public String domainList(Model model,@ModelAttribute("cfg")HttpUrlCfg cfg,HttpServletRequest request,HttpServletResponse response) {
 		cfg.setTableName(HttpUrlCfg.getTablename());
 		Page<HttpUrlCfg> searchPage=new Page<HttpUrlCfg>(request,response,"r");
@@ -54,7 +54,7 @@ public class WhiteListController extends BaseController{
 		return "/cfg/whitelist/domainList";
 	}
 	@RequestMapping(value = {"ipForm"})
-	@RequiresPermissions(value={"whitelist:config"})
+	@RequiresPermissions(value={"whitelist:ip:config"})
 	public String ipForm(Model model,String ids,BaseIpCfg entity) {
 		if(StringUtils.isNotBlank(ids)){
 			entity = ipCfgService.getIpCfgById(IpPortCfg.getTablename(),Long.parseLong(ids));
@@ -73,7 +73,7 @@ public class WhiteListController extends BaseController{
 		return "/cfg/whitelist/ipForm";
 	}
 	@RequestMapping(value = {"domainForm"})
-	@RequiresPermissions(value={"whitelist:config"})
+	@RequiresPermissions(value={"whitelist:domain:config"})
 	public String domainForm(Model model,String ids,HttpUrlCfg entity) {
 		if(StringUtils.isNotBlank(ids)){
 			entity = domainService.getStringCfgById(Long.parseLong(ids));
@@ -140,7 +140,7 @@ public class WhiteListController extends BaseController{
 	}
 	
 	@RequestMapping(value = {"deleteIp"})
-	@RequiresPermissions("whitelist:config")
+	@RequiresPermissions("whitelist:ip:config")
 	public String deleteIp(String ids,Integer functionId,RedirectAttributes model) {
 		try{
 			ipCfgService.deleteIp(ids,null,functionId.intValue());
@@ -152,7 +152,7 @@ public class WhiteListController extends BaseController{
 		return "redirect:" + adminPath +"/ntc/whitelist/ipList?functionId="+functionId;
 	}
 	@RequestMapping(value = {"deleteDomain"})
-	@RequiresPermissions("whitelist:config")
+	@RequiresPermissions("whitelist:domain:config")
 	public String deleteDomain(String ids,Integer functionId,RedirectAttributes model) {
 		try{
 			domainService.deleteWhiteDomain(ids);
@@ -164,7 +164,7 @@ public class WhiteListController extends BaseController{
 		return "redirect:" + adminPath +"/ntc/whitelist/domainList?functionId="+functionId;
 	}
 	@RequestMapping(value = {"auditIp"})
-//	@RequiresPermissions("whitelist:aduit")
+	@RequiresPermissions("whitelist:ip:aduit")
 	public String auditIp(String ids,IpPortCfg cfg,RedirectAttributes redirectAttributes) {
 		try{
 			for(String id:ids.split(",")){
@@ -191,7 +191,7 @@ public class WhiteListController extends BaseController{
 		return "redirect:" + adminPath +"/ntc/whitelist/ipList?functionId="+cfg.getFunctionId();
 	}
 	@RequestMapping(value = {"auditDomain"})
-//	@RequiresPermissions("whitelist:aduit")
+	@RequiresPermissions("whitelist:domain:aduit")
 	public String auditDomain(String ids,HttpUrlCfg cfg,RedirectAttributes redirectAttributes) {
 		try{
 			List<HttpUrlCfg> beans=domainService.getListByCfgId(ids);
diff --git a/src/main/java/com/nis/web/controller/configuration/ntc/XmppController.java b/src/main/java/com/nis/web/controller/configuration/ntc/XmppController.java
index e142eac1f..7e56d8cca 100644
--- a/src/main/java/com/nis/web/controller/configuration/ntc/XmppController.java
+++ b/src/main/java/com/nis/web/controller/configuration/ntc/XmppController.java
@@ -70,7 +70,7 @@ public class XmppController extends BaseController {
 		return "redirect:" + adminPath +"/ntc/other/xmppList?functionId="+functionId;
 	}
 	@RequestMapping(value = {"auditXmppCfg"})
-	@RequiresPermissions(value={"other:xmpp:config"})
+	@RequiresPermissions(value={"other:xmpp:audit"})
 	public String auditXmppCfg(Integer isAudit,Integer isValid,String ids,Integer functionId, RedirectAttributes redirectAttributes) {
 		CfgIndexInfo entity = new CfgIndexInfo();
 		String[] idArray = ids.split(",");
diff --git a/src/main/java/com/nis/web/controller/configuration/proxy/ControlController.java b/src/main/java/com/nis/web/controller/configuration/proxy/ControlController.java
index 1ca274f61..cbeb32e54 100644
--- a/src/main/java/com/nis/web/controller/configuration/proxy/ControlController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/ControlController.java
@@ -96,7 +96,7 @@ public class ControlController extends CommonController {
 		return "redirect:" + adminPath +"/proxy/control/domain/list?functionId="+functionId;
 	}
 	@RequestMapping(value = {"/ip/audit"})
-//	@RequiresPermissions("control:ip:audit")
+	@RequiresPermissions("control:ip:audit")
 	public String auditIp(String cfgName,String ids,IpPortCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditIp(cfgName,ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/proxy/control/ip");
@@ -104,7 +104,7 @@ public class ControlController extends CommonController {
 		return "redirect:" + adminPath +"/proxy/control/ip/list?functionId="+cfg.getFunctionId();
 	}
 	@RequestMapping(value = {"/domain/audit"})
-//	@RequiresPermissions("control:domain:audit")
+	@RequiresPermissions("control:domain:audit")
 	public String auditDomain(String ids,HttpUrlCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditDomain(ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/proxy/control/domain");
diff --git a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
index 44b07fff7..1e58b6a28 100644
--- a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
@@ -86,7 +86,7 @@ public class InterceptController extends CommonController{
 		return "redirect:" + adminPath +"/proxy/intercept/domain/list?functionId="+functionId;
 	}
 	@RequestMapping(value = {"/ip/audit"})
-//	@RequiresPermissions("intercept:ip:audit")
+	@RequiresPermissions("intercept:ip:audit")
 	public String auditIp(String cfgName,String ids,IpPortCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditIp(cfgName,ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/proxy/intercept/ip");
@@ -94,7 +94,7 @@ public class InterceptController extends CommonController{
 		return "redirect:" + adminPath +"/proxy/intercept/ip/list?functionId="+cfg.getFunctionId();
 	}
 	@RequestMapping(value = {"/domain/audit"})
-//	@RequiresPermissions("intercept:domain:audit")
+	@RequiresPermissions("intercept:domain:audit")
 	public String auditDomain(String ids,HttpUrlCfg cfg,RedirectAttributes redirectAttributes) {
 		this._auditDomain(ids, cfg, redirectAttributes);
 		redirectAttributes.addAttribute("urlPrefix","/proxy/intercept/domain");
diff --git a/src/main/webapp/WEB-INF/views/cfg/common/ipList.jsp b/src/main/webapp/WEB-INF/views/cfg/common/ipList.jsp
index eeffab05b..ad242fa17 100644
--- a/src/main/webapp/WEB-INF/views/cfg/common/ipList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/common/ipList.jsp
@@ -144,7 +144,7 @@
 	                                        <sys:delRow url="${ctx}${urlPrefix}/delete?functionId=${cfg.functionId}&cfgName=${cfgName}" id="contentTable" label="delete"></sys:delRow>
                                         	<sys:delRow url="${ctx}${urlPrefix}/export?functionId=${cfg.functionId}" id="contentTable" label="export" maxRow="${page.maxExportSize}"></sys:delRow>
                                         </shiro:hasPermission>
-                                   		<shiro:hasPermission name="${requiresPermissionPrefix.concat(':config')}">
+                                   		<shiro:hasPermission name="${requiresPermissionPrefix.concat(':audit')}">
 	                                        <div class="btn-group">
 	                                            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
 	                                                <i class="fa fa-wrench"></i> <spring:message code="examine"></spring:message>
diff --git a/src/main/webapp/WEB-INF/views/cfg/other/xmppList.jsp b/src/main/webapp/WEB-INF/views/cfg/other/xmppList.jsp
index d4fba1dd2..204c685ba 100644
--- a/src/main/webapp/WEB-INF/views/cfg/other/xmppList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/other/xmppList.jsp
@@ -154,7 +154,7 @@
 							 			<sys:delRow url="${ctx}/ntc/other/xmppForm" id="contentTable" label="update"></sys:delRow>
                                         <sys:delRow url="${ctx}/ntc/other/updatexmppCfgValid?isValid=-1&functionId=${cfg.functionId }" id="contentTable" label="delete"></sys:delRow>
                                     </shiro:hasPermission>
-                               		<shiro:hasPermission name="other:xmpp:config">
+                               		<shiro:hasPermission name="other:xmpp:audit">
 	                                    <div class="btn-group">
 	                                        <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
 	                                            <i class="fa fa-wrench"></i> <spring:message code="examine"></spring:message>
diff --git a/src/main/webapp/WEB-INF/views/cfg/whitelist/domainList.jsp b/src/main/webapp/WEB-INF/views/cfg/whitelist/domainList.jsp
index dec2d28d9..b448fbe40 100644
--- a/src/main/webapp/WEB-INF/views/cfg/whitelist/domainList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/whitelist/domainList.jsp
@@ -53,7 +53,7 @@
 <div class="page-content">
 	<div class="theme-panel hidden-xs hidden-sm">
 		<%-- <button type="button" class="btn btn-default" onclick="location='${ctx}/cfg/string/list?serviceId=${serviceId}&action=${action}&cfgName=${cfgName}'"><spring:message code="refresh"></spring:message></button> --%>
-			<shiro:hasPermission name="whitelist:config">
+			<shiro:hasPermission name="whitelist:domain:config">
 			<button type="button" class="btn btn-primary"
 			onClick="javascript:window.location='${ctx}/ntc/whitelist/domainForm?functionId=${cfg.functionId}'">
 			<i class="fa fa-plus"></i>
@@ -113,13 +113,13 @@
 	                                 <button type="button" class="btn btn-default" id="filter-btn"> <spring:message code="filter"/>  <i class="fa fa-angle-double-down"></i></button>
 								</div>
 								 <div class="pull-right">
-								 		<shiro:hasPermission name="whitelist:config">
+								 		<shiro:hasPermission name="whitelist:domain:config">
                                         	<sys:delRow url="${ctx}/ntc/whitelist/domainForm?functionId=${cfg.functionId}" id="contentTable" label="update"></sys:delRow>
                                             <sys:delRow url="${ctx}/ntc/whitelist/deleteDomain?functionId=${cfg.functionId}" id="contentTable" label="delete"></sys:delRow>
                                       	 </shiro:hasPermission>
                                       <!--   <button type="button" class="btn btn-default">
                                             <i class="fa fa-download"></i> 导出</button> -->
-                                    		<shiro:hasPermission name="whitelist:config">
+                                    		<shiro:hasPermission name="whitelist:domain:audit">
 	                                        <div class="btn-group">
 	                                            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
 	                                                <i class="fa fa-wrench"></i> <spring:message code="examine"></spring:message>
diff --git a/src/main/webapp/WEB-INF/views/cfg/whitelist/ipList.jsp b/src/main/webapp/WEB-INF/views/cfg/whitelist/ipList.jsp
index c650ffd5a..d667956a8 100644
--- a/src/main/webapp/WEB-INF/views/cfg/whitelist/ipList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/whitelist/ipList.jsp
@@ -45,7 +45,7 @@
 <div class="page-content">
 	<div class="theme-panel hidden-xs hidden-sm">
 		<%-- <button type="button" class="btn btn-default" onclick="location='${ctx}/cfg/ip/list?serviceId=${serviceId}&action=${action}&cfgName=${cfgName}&audit=${audit}'"><spring:message code="refresh"></spring:message></button> --%>
-		<shiro:hasPermission name="whitelist:config">
+		<shiro:hasPermission name="whitelist:ip:config">
 			<button type="button" class="btn btn-primary"
 			onClick="javascript:window.location='${ctx}/ntc/whitelist/ipForm?functionId=${cfg.functionId}'">
 			<i class="fa fa-plus"></i>
@@ -105,11 +105,11 @@
 	                                 <button type="button" class="btn btn-default" id="filter-btn"> <spring:message code="filter"/><i class="fa fa-angle-double-down"></i></button>
 								</div>
 								 <div class="pull-right">
-								 		<shiro:hasPermission name="whitelist:config">
+								 		<shiro:hasPermission name="whitelist:ip:config">
 									 		<sys:delRow url="${ctx}/ntc/whitelist/ipForm?functionId=${cfg.functionId}" id="contentTable" label="update"></sys:delRow>
 	                                        <sys:delRow url="${ctx}/ntc/whitelist/deleteIp?functionId=${cfg.functionId}" id="contentTable" label="delete"></sys:delRow>
                                         </shiro:hasPermission>
-                                   		<shiro:hasPermission name="whitelist:config">
+                                   		<shiro:hasPermission name="whitelist:ip:audit">
 	                                        <div class="btn-group">
 	                                            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
 	                                                <i class="fa fa-wrench"></i> <spring:message code="examine"></spring:message>