diff --git a/basic-interface/src/main/java/ink/wgink/interfaces/config/ICustomUserSecurityConfig.java b/basic-interface/src/main/java/ink/wgink/interfaces/config/ICustomUserSecurityConfig.java
new file mode 100644
index 00000000..65d74c11
--- /dev/null
+++ b/basic-interface/src/main/java/ink/wgink/interfaces/config/ICustomUserSecurityConfig.java
@@ -0,0 +1,11 @@
+package ink.wgink.interfaces.config;
+
+/**
+ * @ClassName: ICustomUserSecurityConfig
+ * @Description:
+ * @Author: wanggeng
+ * @Date: 2023/2/13 09:27
+ * @Version: 1.0
+ */
+public interface ICustomUserSecurityConfig {
+}
diff --git a/basic-util/src/main/java/ink/wgink/util/CastUtils.java b/basic-util/src/main/java/ink/wgink/util/CastUtils.java
new file mode 100644
index 00000000..c8887bfe
--- /dev/null
+++ b/basic-util/src/main/java/ink/wgink/util/CastUtils.java
@@ -0,0 +1,17 @@
+package ink.wgink.util;
+
+/**
+ * @ClassName: CastUtils
+ * @Description:
+ * @Author: wanggeng
+ * @Date: 2023/2/13 09:25
+ * @Version: 1.0
+ */
+public class CastUtils {
+
+    @SuppressWarnings("unchecked")
+    public static <T> T cast(Object object) {
+        return (T) object;
+    }
+
+}
diff --git a/login-base/src/main/java/ink/wgink/login/base/security/WebSecurityConfig.java b/login-base/src/main/java/ink/wgink/login/base/security/WebSecurityConfig.java
index 068eb39d..2534675b 100644
--- a/login-base/src/main/java/ink/wgink/login/base/security/WebSecurityConfig.java
+++ b/login-base/src/main/java/ink/wgink/login/base/security/WebSecurityConfig.java
@@ -1,6 +1,7 @@
 package ink.wgink.login.base.security;
 
 import ink.wgink.common.handler.AccessDenyHandler;
+import ink.wgink.interfaces.config.ICustomUserSecurityConfig;
 import ink.wgink.interfaces.expand.login.ILoginHandlerService;
 import ink.wgink.interfaces.user.mongo.IMongoLoginUserService;
 import ink.wgink.login.base.handler.LoginFailureHandler;
@@ -9,15 +10,20 @@ import ink.wgink.login.base.security.user.UserSecurityConfig;
 import ink.wgink.login.base.service.user.UserDetailServiceImpl;
 import ink.wgink.login.base.service.user.UserLoginService;
 import ink.wgink.properties.BaseProperties;
+import ink.wgink.util.CastUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.DefaultSecurityFilterChain;
 
 import javax.servlet.http.HttpSession;
+import java.util.Map;
 
 /**
  * @ClassName: WebSecurityConfig
@@ -43,6 +49,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     private PasswordEncoder passwordEncoder;
     @Autowired(required = false)
     private IMongoLoginUserService mongoLoginUserService;
+    @Autowired
+    private ApplicationContext applicationContext;
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
@@ -84,6 +92,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .csrf()
                 .disable();
         addUserAuthenticationFilter(http, loginFailureHandler);
+        addCustomUserAuthenticationFilters(http);
     }
 
     /**
@@ -105,6 +114,18 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         http.apply(userSecurityConfig);
     }
 
+    private void addCustomUserAuthenticationFilters(HttpSecurity http) throws Exception {
+        Map<String, ICustomUserSecurityConfig> customUserSecurityConfigMap = applicationContext.getBeansOfType(ICustomUserSecurityConfig.class);
+        for (Map.Entry<String, ICustomUserSecurityConfig> kv : customUserSecurityConfigMap.entrySet()) {
+            ICustomUserSecurityConfig value = kv.getValue();
+            if (!(value instanceof SecurityConfigurerAdapter)) {
+                return;
+            }
+            SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> securityConfigurerAdapter = CastUtils.cast(value);
+            http.apply(securityConfigurerAdapter);
+        }
+    }
+
     @Bean
     @Override
     public AuthenticationManager authenticationManagerBean() throws Exception {