diff --git a/common/src/main/java/com/jeesite/common/mapper/JsonMapper.java b/common/src/main/java/com/jeesite/common/mapper/JsonMapper.java
index 39862987..af9b035e 100644
--- a/common/src/main/java/com/jeesite/common/mapper/JsonMapper.java
+++ b/common/src/main/java/com/jeesite/common/mapper/JsonMapper.java
@@ -164,7 +164,7 @@ public class JsonMapper extends ObjectMapper {
 	/**
 	 * 当JSON里只含有Bean的部分属性時，更新一个已存在Bean，只覆盖该部分的属性.
 	 */
-	@SuppressWarnings("unchecked")
+	@SuppressWarnings({ "unchecked", "hiding" })
 	public <T> T update(String jsonString, T object) {
 		try {
 			return (T) this.readerForUpdating(object).readValue(jsonString);
diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java
index c92e00f4..cbc07bc2 100644
--- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java
+++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java
@@ -114,6 +114,7 @@ public class CasAuthorizingRealm extends BaseAuthorizingRealm  {
 				// 获取CAS传递过来的用户属性信息
 				user = new User(EncodeUtils.decodeUrl(ObjectUtils.toString(attrs.get("userCode"))));
 				user.setLoginCode(EncodeUtils.decodeUrl(ObjectUtils.toString(attrs.get("loginCode"))));
+				user.setCorpCode_(EncodeUtils.decodeUrl(ObjectUtils.toString(attrs.get("corpCode"))));
 				user.setPassword(EncodeUtils.decodeUrl(ObjectUtils.toString(attrs.get("password"))));
 				user.setUserName(EncodeUtils.decodeUrl(ObjectUtils.toString(attrs.get("userName"))));
 				user.setEmail(EncodeUtils.decodeUrl(ObjectUtils.toString(attrs.get("email"))));
@@ -145,7 +146,7 @@ public class CasAuthorizingRealm extends BaseAuthorizingRealm  {
 					}
 					
 					// 重新获取用户登录
-					user = UserUtils.getByLoginCode(token.getUsername()/*, corpCode*/);
+					user = UserUtils.getByLoginCode(token.getUsername(), user.getCorpCode_());
 					if (user != null) {
 						return user;
 					}
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
index 672ea993..6b4c5374 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
@@ -161,7 +161,8 @@ public class LoginController extends BaseController{
 
 		// 非授权异常，登录失败，验证码加1。
 		if (!UnauthorizedException.class.getName().equals(exception)){
-			model.addAttribute("isValidCodeLogin", BaseAuthorizingRealm.isValidCodeLogin(username, (String)paramMap.get("deviceType"), "failed"));
+			model.addAttribute("isValidCodeLogin", BaseAuthorizingRealm.isValidCodeLogin(username,
+					(String)paramMap.get("corpCode"), (String)paramMap.get("deviceType"), "failed"));
 		}
 		
 		//获取当前会话对象
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java
index fe963e52..095f833c 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java
@@ -114,7 +114,7 @@ public class CorpAdminController extends BaseController {
 		if (StringUtils.isBlank(user.getCorpCode_())){
 			return renderResult(Global.FALSE, "租户代码不能为空！");
 		}
-		if (!Global.TRUE.equals(userService.checkLoginCode(oldLoginCode, user.getLoginCode()/*, user.getCorpCode_()*/))) {
+		if (!Global.TRUE.equals(userService.checkLoginCode(oldLoginCode, user.getLoginCode()))) {
 			return renderResult(Global.FALSE, "保存用户'" + user.getLoginCode() + "'失败，登录账号已存在");
 		}
 		if (user.getIsNewRecord()){
@@ -237,7 +237,7 @@ public class CorpAdminController extends BaseController {
 	 * @param isShowCode 是否显示编码（true or 1：显示在左侧；2：显示在右侧；false or null：不显示）
 	 * @return
 	 */
-	@RequiresPermissions("user")
+	//@RequiresPermissions("user") // 注释掉，允许配置URI控制权限
 	@RequestMapping(value = "treeData")
 	@ResponseBody
 	public List<Map<String, Object>> treeData(String pId, String isShowCode) {
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpUserController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpUserController.java
index 90229993..a0d262f7 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpUserController.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpUserController.java
@@ -155,7 +155,7 @@ public class EmpUserController extends BaseController {
 		if (!EmpUser.USER_TYPE_EMPLOYEE.equals(empUser.getUserType())){
 			return renderResult(Global.FALSE, "非法操作，不能够操作此用户！");
 		}
-		if (!Global.TRUE.equals(userService.checkLoginCode(oldLoginCode, empUser.getLoginCode()/*, null*/))) {
+		if (!Global.TRUE.equals(userService.checkLoginCode(oldLoginCode, empUser.getLoginCode()))) {
 			return renderResult(Global.FALSE, text("保存用户失败，登录账号''{0}''已存在", empUser.getLoginCode()));
 		}
 		if (StringUtils.inString(op, Global.OP_ADD, Global.OP_EDIT)
diff --git a/modules/core/src/main/resources/config/jeesite-core.yml b/modules/core/src/main/resources/config/jeesite-core.yml
index ba0c1343..08b1f856 100644
--- a/modules/core/src/main/resources/config/jeesite-core.yml
+++ b/modules/core/src/main/resources/config/jeesite-core.yml
@@ -162,6 +162,9 @@ user:
   # 多租户模式（SAAS模式）（专业版）
   useCorpModel: false
   
+  # 登录账号是否租户内唯一，否则全局唯一
+  loginCodeCorpUnique: false
+  
   # 自助账号服务
   account:
     # 注册用户
@@ -375,6 +378,7 @@ shiro:
 #    ${adminPath}/cms/category/* = anon
 #    ${adminPath}/cms/article/* = anon
 #    ${adminPath}/cms/link/* = anon
+#    ${adminPath}/sys/corpAdmin/treeData = anon
 #    ${adminPath}/** = user
   filterChainDefinitions: |
     /ReportServer/** = user
diff --git a/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html b/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html
index e982768b..bcef0257 100644
--- a/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html
+++ b/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html
@@ -24,15 +24,12 @@
 				<#form:input type="password" name="password" class="form-control required"
 					data-msg-required="${text('请填写登录密码.')}" placeholder="${text('登录密码')}" autocomplete="off"/>
 			</div>
-			<%/*<!-- if(@Global.getConfigToBoolean('user.useCorpModel', 'false')){ %>
+			<% if(@Global.getConfigToBoolean('user.loginCodeCorpUnique', 'false')){ %>
 			<div class="form-group has-feedback">
-				<select name="param_corpCode" class="form-control">
-					<% for(var user in @UserUtils.findCorpList()){ %>
-						<option value="${user.corpCode}">(${user.corpCode}) ${user.corpName}</option>
-					<% } %>
-				</select>
+				<#form:treeselect id="switchCorpSelect" title="${text('登录租户')}" allowClear="false"
+					name="param_corpCode" url="${ctx}/sys/corpAdmin/treeData?isShowCode=true" placeholder="${text('登录租户')}"/>
 			</div>
-			<% } -->*/%>
+			<% } %>
 			<div class="form-group has-feedback" id="isValidCodeLogin" style="display:${isValidCodeLogin?'blank':'none'}">
 				<#form:validcode name="validCode" isRequired="true" isRemote="true" isLazy="true"/>
 			</div>