diff --git a/xinelu-framework/src/main/java/com/xinelu/framework/config/SecurityConfig.java b/xinelu-framework/src/main/java/com/xinelu/framework/config/SecurityConfig.java
index 01ccde4..ff1a907 100644
--- a/xinelu-framework/src/main/java/com/xinelu/framework/config/SecurityConfig.java
+++ b/xinelu-framework/src/main/java/com/xinelu/framework/config/SecurityConfig.java
@@ -115,7 +115,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .antMatchers("/login", "/register", "/captchaImage").anonymous()
                 // 静态资源，可匿名访问
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
-                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**", "/nurseApplet/**", "/nurseApp/**", "/specialDisease/getUserInfo", "/monitor/payTask/handCloseOrder", "/newApp/login/**", "/system/hospitalPerson/**").permitAll()
+                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**", "/nurseApplet/**", "/nurseApp/**", "/specialDisease/getUserInfo", "/monitor/payTask/handCloseOrder", "/newApp/login/**", "/system/hospitalPerson/**", "/evaluate/**", "/webSocket/**").permitAll()
                 .antMatchers(antMatchers.split(",")).permitAll()
                 // 除上面外的所有请求全部需要鉴权认证
                 .anyRequest().authenticated()