diff --git a/mall-ebtp-cloud-attachment-sdk/src/main/resources/attachment-sdk-cofiguration.properties b/mall-ebtp-cloud-attachment-sdk/src/main/resources/attachment-sdk-cofiguration.properties
index e62f226..149515d 100644
--- a/mall-ebtp-cloud-attachment-sdk/src/main/resources/attachment-sdk-cofiguration.properties
+++ b/mall-ebtp-cloud-attachment-sdk/src/main/resources/attachment-sdk-cofiguration.properties
@@ -2,6 +2,8 @@ feign.hystrix.enabled=true
 feign.client.config.default.retryer=feign.Retryer.Default
 hystrix.command.default.execution.isolation.thread.timeoutInMilliseconds=600000
 
+server.max-http-header-size=2048576
+
 # document center id
 document.center.service.id=core-service-document-center
-document.center.ip-address=http://10.242.31.158:8801/
\ No newline at end of file
+document.center.ip-address=http://10.238.25.112:8100/doc/
\ No newline at end of file
diff --git a/mall-ebtp-cloud-security-starter/pom.xml b/mall-ebtp-cloud-security-starter/pom.xml
index 931b060..13b1e9b 100644
--- a/mall-ebtp-cloud-security-starter/pom.xml
+++ b/mall-ebtp-cloud-security-starter/pom.xml
@@ -30,5 +30,10 @@
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-lang3</artifactId>
 		</dependency>
+		
+		<dependency>
+			<groupId>com.chinaunicom.ebtp</groupId>
+			<artifactId>mall-ebtp-cloud-feign-starter</artifactId>
+		</dependency>
 	</dependencies>
 </project>
diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
index 569732e..943813a 100644
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
@@ -1,11 +1,15 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter;
 
+import org.springframework.cloud.openfeign.EnableFeignClients;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.web.client.RestTemplate;
 
 @Configuration
+@EnableFeignClients(basePackages = "com.chinaunicom.mall.ebtp.cloud.security.starter")
+@ComponentScan(basePackages = "com.chinaunicom.mall.ebtp.cloud.security.starter")
 @PropertySource("classpath:security-configuration.properties")
 public class SecurityStarterConfiguration {
 
diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/client/UserCenterClient.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/client/UserCenterClient.java
new file mode 100644
index 0000000..8c8ba01
--- /dev/null
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/client/UserCenterClient.java
@@ -0,0 +1,27 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.client;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.fallback.UserCenterClientFallback;
+
+/**
+ * 连接山分的文档中心服务
+ * 
+ * @author Ajaxfan
+ */
+@FeignClient(name = "${mall-ebtp.userinfo.id}", fallback = UserCenterClientFallback.class)
+public interface UserCenterClient {
+
+	/**
+	 * 通过附件id查询明细
+	 * 
+	 * @param fileId
+	 * @return
+	 */
+	@RequestMapping(method = RequestMethod.GET, value = "v1/userinfo/get")
+	SecurityUser getUserInfo();
+
+}
diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java
new file mode 100644
index 0000000..640b672
--- /dev/null
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java
@@ -0,0 +1,20 @@
+package com.chinaunicom.mall.ebtp.cloud.security.starter.fallback;
+
+import org.springframework.stereotype.Component;
+
+import com.chinaunicom.mall.ebtp.cloud.security.starter.client.UserCenterClient;
+import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
+
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Component
+public class UserCenterClientFallback implements UserCenterClient {
+
+	@Override
+	public SecurityUser getUserInfo() {
+		log.error("Feign connect timeout.");
+		return new SecurityUser();
+	}
+
+}
diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
index 4280934..2bf5706 100644
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@@ -4,7 +4,6 @@ import java.io.IOException;
 import java.util.List;
 import java.util.Objects;
 import java.util.stream.Collectors;
-import java.util.stream.Stream;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
@@ -14,18 +13,12 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.RegExUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.core.env.Environment;
-import org.springframework.http.HttpEntity;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpMethod;
-import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.web.client.RestTemplate;
 import org.springframework.web.filter.OncePerRequestFilter;
 
+import com.chinaunicom.mall.ebtp.cloud.security.starter.client.UserCenterClient;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.RoleCodeAuthority;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.entity.SecurityUser;
@@ -40,10 +33,8 @@ import lombok.extern.slf4j.Slf4j;
 @Slf4j
 public class TokenAuthenticationFilter extends OncePerRequestFilter {
 
-	private @Autowired RestTemplate restTemplate;
-	private @Autowired ApplicationContext context;
+	private @Autowired UserCenterClient client;
 
-	private final String token_url_config_format = "user.auth.resource.userinfo.%s";
 
 	/**
 	 * @param request
@@ -83,14 +74,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 	 * @return
 	 */
 	private Authentication getAuthentication(final String token, final String currentRoleCode) {
-		HttpHeaders headers = new HttpHeaders();
-		// 设置安全头
-		headers.add(HttpHeaders.AUTHORIZATION, String.format("Bearer %s", token));
-
-		ResponseEntity<SecurityUser> entity = restTemplate.exchange(getTokenURI(), HttpMethod.GET,
-				new HttpEntity<String>(headers), SecurityUser.class);
-
-		SecurityUser securityUser = entity.getBody();
+		SecurityUser securityUser = client.getUserInfo();
 
 		// 根据当前角色设定权限列表
 		List<RoleCodeAuthority> authorities = securityUser.getAuthorityList().stream()
@@ -101,27 +85,4 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 				authorities);
 	}
 
-	/**
-	 * 用户信息接口地址
-	 * 
-	 * @return
-	 */
-	private String getTokenURI() {
-		Environment env = context.getEnvironment();
-
-		String config = Stream.of(env.getActiveProfiles()).findFirst().map(first -> first).orElseGet(() -> "default");
-
-		return StringUtils.getIfEmpty(env.getProperty(format(config.toLowerCase())), () -> {
-			return env.getProperty(format("default"));
-		});
-	}
-
-	/**
-	 * @param text
-	 * @return
-	 */
-	private String format(String text) {
-		return String.format(token_url_config_format, text);
-	}
-
 }
diff --git a/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties b/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
index f692f8e..37d2b46 100644
--- a/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
+++ b/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
@@ -1,5 +1,3 @@
-user.auth.resource.userinfo.default=http://10.242.31.158:8100/core-service-ebtp-userinfo/v1/userinfo/get
-user.auth.resource.userinfo.uat=http://10.242.31.158:8100/core-service-ebtp-userinfo/v1/userinfo/get
-user.auth.resource.userinfo.test=http://10.242.37.148:8100/core-service-ebtp-userinfo/v1/userinfo/get
-user.auth.resource.userinfo.pro=http://10.238.25.112:8100/core-service-ebtp-userinfo/v1/userinfo/get
-user.auth.csrf.disable=true
\ No newline at end of file
+user.auth.csrf.disable=true
+
+mall-ebtp.userinfo.id=core-service-ebtp-userinfo
\ No newline at end of file