diff --git a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
index 5473978e..67577e14 100644
--- a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
+++ b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
@@ -18,6 +18,7 @@ import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import jakarta.annotation.Resource;
@@ -60,6 +61,15 @@ public class SecurityConfig {
 httpSecurity
 .cors(Customizer.withDefaults())
 .authorizeHttpRequests(auth -> auth
+ .requestMatchers(
+ new AntPathRequestMatcher("/doc.html"),
+ new AntPathRequestMatcher("/swagger-ui.html"),
+ new AntPathRequestMatcher("/swagger-ui/**"),
+ new AntPathRequestMatcher("/swagger-resources/**"),
+ new AntPathRequestMatcher("/v2/api-docs"),
+ new AntPathRequestMatcher("/v3/api-docs/**"),
+ new AntPathRequestMatcher("/webjars/**")
+ ).permitAll()
 .requestMatchers(securityProperties.getIgnorePaths()).permitAll()
 .anyRequest().authenticated()
 )
diff --git a/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java b/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
index 0c2236e8..726b015a 100644
--- a/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
+++ b/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
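Review bot: In SecurityConfig.java the new `.requestMatchers(...).permitAll()` block hard-codes the API documentation paths (`/doc.html`, `/swagger-ui/**`, `/swagger-resources/**`, `/v2/api-docs`, `/v3/api-docs/**`, `/webjars/**`) as unauthenticated, with no profile or property check visible in the hunk, so every deployment including production would serve the full endpoint and schema listing to anonymous callers. The next line already takes its allow-list from `securityProperties.getIgnorePaths()`; putting the documentation paths into that configured list (set only for dev/test) keeps the exposure an explicit per-environment choice instead of a compiled-in default. If the block stays, it should carry a comment such as `// API docs are intentionally public; must be disabled or access-restricted in production`. The enclosing filter-chain method starts and ends outside the hunk, so any gating elsewhere in it is not visible here.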
@@ -42,8 +42,11 @@ public class AuthenticationFilter extends OncePerRequestFilter {
 private SecurityProperties properties;
 private static final List FILTER_URL =
- Arrays.asList("/favicon.ico", "/doc.html", "/api/account/login", "/api/account/preLogin", "api/account/sendEmail","api/account/noLoginRequired",
- "/webjars/", "/swagger-resources", "/v2/api-docs", "/api/account/resetPwd",
+ Arrays.asList("/favicon.ico", "/doc.html", "/swagger-ui.html",
+ "/swagger-resources", "/swagger-resources/", "/swagger-resources/configuration/ui", "/swagger-resources/configuration/security",
+ "/webjars/", "/v2/api-docs", "/v3/api-docs", "/v3/api-docs/swagger-config",
+ "/api/account/login", "/api/account/preLogin", "api/account/sendEmail","api/account/noLoginRequired",
+ "/api/account/resetPwd",
 "/api/python/saveGeneratePicture", "/api/python/getLibraryByUserId", "/api/third/party/addUser","/api/third/party/addTrialUser", "/api/third/party/editUser", "/api/element/initDefaultSysFile", "/api/third/party/addNoLoginRequiredNew","/api/third/party/deleteNoLoginRequiredNew","/api/third/party/updateNoLoginRequiredNew",
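Review bot: The documentation paths added to `FILTER_URL` form a second authentication allow-list that does not agree with the one this commit adds in SecurityConfig: that file permits `/swagger-ui/**` and `/v3/api-docs/**`, while this list has only `/swagger-ui.html`, `/v3/api-docs` and `/v3/api-docs/swagger-config`. How `FILTER_URL` is compared with the request is outside the hunk; if it is a prefix or substring test, short entries such as `/webjars/` and `/v3/api-docs`, and the slash-less `api/account/sendEmail` and `api/account/noLoginRequired` carried into the new lines, would exempt any URI that merely contains them, and if it is an exact test the slash-less entries never match. Deriving both lists from one configured source and matching on the normalized servlet path with anchored patterns removes the drift and the ambiguity. At minimum the constant should carry a comment such as `// Paths that bypass token authentication; keep in sync with SecurityConfig permitAll and review every addition`.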