diff --git a/build.gradle b/build.gradle
index 25ec641..2460388 100644
--- a/build.gradle
+++ b/build.gradle
@@ -20,7 +20,7 @@ subprojects {
 
     ext {
         version '0.9.0'
-        gaea_version = '1.4.0'
+        gaea_version = '1.5.0'
         spring_version = "2.7.0"
     }
 
diff --git a/src/zeus.app/build.gradle b/src/zeus.app/build.gradle
index 8e40c6a..fc92b72 100644
--- a/src/zeus.app/build.gradle
+++ b/src/zeus.app/build.gradle
@@ -14,7 +14,7 @@ dependencies {
     api project(":src:zeus.domain")
     api project(":src:zeus.query")
     api project(":src:zeus.repository")
-    api "com.synebula:gaea.app:$gaea_version"
+    api("com.synebula:gaea.app:$gaea_version")
     api "com.synebula:gaea.spring:$gaea_version"
     api "com.synebula:gaea.mongodb:$gaea_version"
 
diff --git a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/config/ZeusBeans.kt b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/config/ZeusBeans.kt
index 51a7a56..f63bbf3 100644
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/config/ZeusBeans.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/config/ZeusBeans.kt
@@ -1,7 +1,7 @@
 package com.synebula.zeus.app.config
 
 import com.google.gson.Gson
-import com.synebula.gaea.app.component.security.WebSecurity
+import com.synebula.gaea.data.message.HttpMessageFactory
 import com.synebula.gaea.data.serialization.json.IJsonSerializer
 import com.synebula.gaea.domain.repository.IRepositoryFactory
 import com.synebula.gaea.mongodb.query.MongodbQueryFactory
@@ -9,17 +9,12 @@ import com.synebula.gaea.mongodb.repository.MongodbRepositoryFactory
 import com.synebula.gaea.query.IQueryFactory
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.ComponentScan
-import org.springframework.context.annotation.ComponentScan.Filter
 import org.springframework.context.annotation.Configuration
-import org.springframework.context.annotation.FilterType
 import org.springframework.data.mongodb.core.MongoTemplate
 
 
 @Configuration
-@ComponentScan(
-    basePackages = ["com.synebula.gaea.app.component"],
-    excludeFilters = [Filter(type = FilterType.ASSIGNABLE_TYPE, classes = [WebSecurity::class])]
-)
+@ComponentScan(basePackages = ["com.synebula.gaea.app.component"])
 class ZeusBeans {
 
     @Bean
@@ -43,4 +38,9 @@ class ZeusBeans {
             }
         }
     }
+
+    @Bean
+    fun httpMessageFactory(serializer: IJsonSerializer): HttpMessageFactory {
+        return HttpMessageFactory(serializer)
+    }
 }
\ No newline at end of file
diff --git a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/SignInOutApp.kt b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/SignInOutApp.kt
index 54099d5..e16133d 100644
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/SignInOutApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/SignInOutApp.kt
@@ -1,8 +1,10 @@
 package com.synebula.zeus.app.controller
 
 import com.synebula.gaea.app.IApplication
-import com.synebula.gaea.app.component.security.TokenManager
+import com.synebula.gaea.app.component.security.session.UserSession
+import com.synebula.gaea.app.component.security.session.UserSessionManager
 import com.synebula.gaea.data.message.HttpMessage
+import com.synebula.gaea.data.message.HttpMessageFactory
 import com.synebula.gaea.data.message.Status
 import com.synebula.gaea.data.serialization.json.IJsonSerializer
 import com.synebula.gaea.log.ILogger
@@ -11,10 +13,8 @@ import com.synebula.zeus.domain.service.cmd.rbac.UserCmd
 import com.synebula.zeus.domain.service.contr.rbac.IUserService
 import com.synebula.zeus.query.contr.IUserQuery
 import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.web.bind.annotation.PostMapping
-import org.springframework.web.bind.annotation.RequestBody
-import org.springframework.web.bind.annotation.RequestMapping
-import org.springframework.web.bind.annotation.RestController
+import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.web.bind.annotation.*
 
 @RestController
 @RequestMapping("/sign")
@@ -27,11 +27,14 @@ class SignInOutApp(override var logger: ILogger) : IApplication {
     lateinit var userService: IUserService
 
     @Autowired
-    lateinit var tokenHelper: TokenManager
+    lateinit var userSessionManager: UserSessionManager
 
     @Autowired
     lateinit var serializer: IJsonSerializer
 
+    @Autowired
+    override lateinit var httpMessageFactory: HttpMessageFactory
+
     override var name: String = "用户登录管理"
 
     @Method("用户登录")
@@ -42,7 +45,7 @@ class SignInOutApp(override var logger: ILogger) : IApplication {
             if (message.data != null) {
                 val user = message.data
                 user!!.remember = remember ?: false
-                val token = tokenHelper.sign(message.data!!)
+                val token = userSessionManager.signIn(user.uid, user)
                 it.data = token
             } else {
                 it.load(message)
@@ -50,10 +53,19 @@ class SignInOutApp(override var logger: ILogger) : IApplication {
         }
     }
 
+
+    @Method("登录用户信息")
+    @GetMapping("/user")
+    fun signUser(): HttpMessage {
+        val userSession = SecurityContextHolder.getContext().authentication.principal as UserSession
+        return httpMessageFactory.create(userSession.user)
+    }
+
     @Method("用户登出")
     @PostMapping("/out")
-    fun signOut(user: String): HttpMessage {
-        return HttpMessage(user)
+    fun signOut(token: String): HttpMessage {
+        userSessionManager.signOut(token)
+        return this.httpMessageFactory.create(token)
     }
 
     @Method("用户注册")
diff --git a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/AuthorityApp.kt b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/AuthorityApp.kt
index 5ddee5b..60ec0a0 100644
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/AuthorityApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/AuthorityApp.kt
@@ -25,7 +25,7 @@ class AuthorityApp(
     @PostMapping("/batch")
     fun add(@RequestBody cmd: AuthorityBatchAddCmd): HttpMessage {
         this.authorityService.add(cmd)
-        return HttpMessage()
+        return this.httpMessageFactory.create()
     }
 
     @Method("根据资源和角色删除权限")
@@ -36,6 +36,6 @@ class AuthorityApp(
         @RequestBody resource: List<String>
     ): HttpMessage {
         this.authorityService.removeByResourceRole(type, resource, role)
-        return HttpMessage()
+        return this.httpMessageFactory.create()
     }
 }
\ No newline at end of file
diff --git a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
index e06928c..8a73313 100644
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
@@ -28,7 +28,7 @@ class PageApp(
     @Method("获取角色系统下有权页面")
     @GetMapping("/in-system/{system}/authorized/{role}")
     fun authorized(@PathVariable system: String, @PathVariable role: String): HttpMessage {
-        val msg = HttpMessage()
+        val msg = this.httpMessageFactory.create()
         msg.data = this.pageQuery.authorized(role, system)
         return msg
     }
diff --git a/src/zeus.app/src/main/resources/application.yml b/src/zeus.app/src/main/resources/application.yml
index 54a2279..08e0d06 100644
--- a/src/zeus.app/src/main/resources/application.yml
+++ b/src/zeus.app/src/main/resources/application.yml
@@ -4,6 +4,8 @@ server:
 spring:
   application:
     name: gaea.app
+  sign-in-url: /sign/in
+  allow-multi-sign: false
   data:
     mongodb:
       uri: mongodb://127.0.0.1/zeus
diff --git a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/impl/rbac/UserService.kt b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/impl/rbac/UserService.kt
index 5b3fa5f..3b0e2dd 100644
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/impl/rbac/UserService.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/impl/rbac/UserService.kt
@@ -1,6 +1,6 @@
 package com.synebula.zeus.domain.service.impl.rbac
 
-import com.synebula.gaea.bus.Subscribe
+import com.synebula.gaea.bus.DomainSubscribe
 import com.synebula.gaea.data.message.DataMessage
 import com.synebula.gaea.data.message.Status
 import com.synebula.gaea.data.serialization.IObjectMapper
@@ -25,13 +25,13 @@ class UserService(
     var logger: ILogger
 ) : Service<User, String>(User::class.java, factory.createRepository(User::class.java), mapper), IUserService {
 
-    @Subscribe(["groupBeforeRemoveEvent"])
+    @DomainSubscribe(domainClass = Role::class, messageClass = BeforeRemoveEvent::class)
     fun beforeRoleRemove(event: BeforeRemoveEvent<Role, String>) {
         if (this.repository.count(mapOf(Pair("role", event.id!!))) > 0)
             throw NoticeUserException("角色下还有用户")
     }
 
-    @Subscribe(["groupBeforeRemoveEvent"])
+    @DomainSubscribe(BeforeRemoveEvent::class, Group::class)
     fun beforeGroupRemove(event: BeforeRemoveEvent<Group, String>) {
         if (this.repository.count(mapOf(Pair("group", event.id!!))) > 0)
             throw NoticeUserException("用户组下还有用户")