diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index 9f649edb0..6a7b7d007 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -108,6 +108,9 @@ token:
 
 # security配置
 security:
+  # 登出路径
+  logout-url: /logout
+  # 匿名路径
   anonymous:
     - /login
     - /register
@@ -122,6 +125,8 @@ security:
     # actuator 监控配置
     - /actuator
     - /actuator/**
+  # 用户放行
+  permit-all:
 
 # 重复提交
 repeat-submit:
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 855be657c..229704f1b 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -109,11 +109,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                         "/**/*.js"
                 ).permitAll()
                 .antMatchers(securityProperties.getAnonymous()).anonymous()
+                .antMatchers(securityProperties.getPermitAll()).permitAll()
                 // 除上面外的所有请求全部需要鉴权认证
                 .anyRequest().authenticated()
                 .and()
                 .headers().frameOptions().disable();
-        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
+        httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler);
         // 添加JWT filter
         httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
         // 添加CORS filter
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java
index 33414cedb..c83ffccbe 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java
@@ -14,9 +14,19 @@ import org.springframework.stereotype.Component;
 @ConfigurationProperties(prefix = "security")
 public class SecurityProperties {
 
+    /**
+     * 退出登录url
+     */
+    private String logoutUrl;
+
     /**
      * 匿名放行路径
      */
     private String[] anonymous;
 
+    /**
+     * 用户任意访问放行路径
+     */
+    private String[] permitAll;
+
 }