diff --git a/orion-ops-framework/orion-ops-spring-boot-starter-security/src/main/java/com/orion/ops/framework/security/core/filter/TokenAuthenticationFilter.java b/orion-ops-framework/orion-ops-spring-boot-starter-security/src/main/java/com/orion/ops/framework/security/core/filter/TokenAuthenticationFilter.java
index 400decca..86da7d8e 100644
--- a/orion-ops-framework/orion-ops-spring-boot-starter-security/src/main/java/com/orion/ops/framework/security/core/filter/TokenAuthenticationFilter.java
+++ b/orion-ops-framework/orion-ops-spring-boot-starter-security/src/main/java/com/orion/ops/framework/security/core/filter/TokenAuthenticationFilter.java
@@ -1,9 +1,12 @@
 package com.orion.ops.framework.security.core.filter;
 
 import com.orion.lang.utils.Strings;
+import com.orion.ops.framework.common.constant.ErrorCode;
 import com.orion.ops.framework.common.security.LoginUser;
 import com.orion.ops.framework.security.core.service.SecurityFrameworkService;
 import com.orion.ops.framework.security.core.utils.SecurityUtils;
+import com.orion.web.servlet.web.Servlets;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import javax.servlet.FilterChain;
@@ -20,6 +23,7 @@ import java.io.IOException;
  * @version 1.0.0
  * @since 2023/7/6 18:39
  */
+@Slf4j
 public class TokenAuthenticationFilter extends OncePerRequestFilter {
 
     private final SecurityFrameworkService securityFrameworkService;
@@ -30,17 +34,22 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
-        // 获取请求头 token
-        String token = SecurityUtils.obtainAuthorization(request);
-        if (!Strings.isBlank(token)) {
-            // 通过 token 获取用户信息
-            LoginUser loginUser = securityFrameworkService.getUserByToken(token);
-            // 设置上下文
-            if (loginUser != null) {
-                SecurityUtils.setLoginUser(loginUser, request);
+        try {
+            // 获取请求头 token
+            String token = SecurityUtils.obtainAuthorization(request);
+            if (!Strings.isBlank(token)) {
+                // 通过 token 获取用户信息
+                LoginUser loginUser = securityFrameworkService.getUserByToken(token);
+                // 设置上下文
+                if (loginUser != null) {
+                    SecurityUtils.setLoginUser(loginUser, request);
+                }
             }
+        } catch (Exception e) {
+            log.error("TokenAuthenticationFilter.doFilterInternal error", e);
+            Servlets.writeHttpWrapper(response, ErrorCode.INTERNAL_SERVER_ERROR.getWrapper());
+            return;
         }
-        // todo 全局异常返回 mock模式
         // 继续执行
         chain.doFilter(request, response);
     }
diff --git a/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/config/OrionStorageAutoConfiguration.java b/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/config/OrionStorageAutoConfiguration.java
index 32a02c09..c0c067b0 100644
--- a/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/config/OrionStorageAutoConfiguration.java
+++ b/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/config/OrionStorageAutoConfiguration.java
@@ -3,10 +3,13 @@ package com.orion.ops.framework.storage.config;
 import com.orion.ops.framework.storage.core.client.FileClient;
 import com.orion.ops.framework.storage.core.client.local.LocalFileClient;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Primary;
 
+import javax.annotation.Resource;
+
 /**
  * 存储配置类
  *
@@ -20,12 +23,16 @@ import org.springframework.context.annotation.Primary;
 @EnableConfigurationProperties(StorageConfig.class)
 public class OrionStorageAutoConfiguration {
 
+    @Resource
+    private StorageConfig config;
+
     /**
      * 本地文件客户端
      */
     @Bean
     @Primary
-    public FileClient localFileClient(StorageConfig config) {
+    @ConditionalOnProperty(value = "orion.storage.local.enabled", havingValue = "true")
+    public FileClient localFileClient() {
         return new LocalFileClient(config.getLocal());
     }
 
diff --git a/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/core/client/FileClientConfig.java b/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/core/client/FileClientConfig.java
index fb834d33..dd8f4ec0 100644
--- a/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/core/client/FileClientConfig.java
+++ b/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/java/com/orion/ops/framework/storage/core/client/FileClientConfig.java
@@ -12,6 +12,11 @@ import lombok.Data;
 @Data
 public class FileClientConfig {
 
+    /**
+     * 是否启用
+     */
+    protected boolean enabled;
+
     /**
      * 是否自动拼接 traceId 前缀. 没有则使用 UUID
      */
diff --git a/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/resources/META-INF/spring-configuration-metadata.json b/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/resources/META-INF/spring-configuration-metadata.json
index 5816e482..6b0fa792 100644
--- a/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/resources/META-INF/spring-configuration-metadata.json
+++ b/orion-ops-framework/orion-ops-spring-boot-starter-storage/src/main/resources/META-INF/spring-configuration-metadata.json
@@ -4,23 +4,34 @@
       "name": "orion.storage",
       "type": "com.orion.ops.framework.storage.config.StorageConfig",
       "sourceType": "com.orion.ops.framework.storage.config.StorageConfig"
+    },
+    {
+      "name": "orion.storage.local",
+      "type": "com.orion.ops.framework.storage.core.client.local.LocalFileClientConfig",
+      "sourceType": "com.orion.ops.framework.storage.core.client.local.LocalFileClientConfig"
     }
   ],
   "properties": [
     {
-      "name": "orion.storage.local.nameAppendTraceId",
+      "name": "orion.storage.local.enabled",
+      "type": "java.lang.Boolean",
+      "description": "是否启用.",
+      "defaultValue": false
+    },
+    {
+      "name": "orion.storage.local.name-append-trace-id",
       "type": "java.lang.Boolean",
       "description": "是否自动拼接 traceId 前缀. 没有则使用 UUID.",
       "defaultValue": false
     },
     {
-      "name": "orion.storage.local.storagePath",
+      "name": "orion.storage.local.storage-path",
       "type": "java.lang.String",
       "description": "存储路径.",
       "defaultValue": ""
     },
     {
-      "name": "orion.storage.local.basePath",
+      "name": "orion.storage.local.base-path",
       "type": "java.lang.String",
       "description": "基础路径.",
       "defaultValue": ""
diff --git a/orion-ops-launch/src/main/java/com/orion/ops/launch/service/EmptySecurityImpl.java b/orion-ops-launch/src/main/java/com/orion/ops/launch/service/EmptySecurityImpl.java
index ae7dcc3d..1205bb75 100644
--- a/orion-ops-launch/src/main/java/com/orion/ops/launch/service/EmptySecurityImpl.java
+++ b/orion-ops-launch/src/main/java/com/orion/ops/launch/service/EmptySecurityImpl.java
@@ -27,7 +27,6 @@ public class EmptySecurityImpl implements SecurityFrameworkService {
 
     @Override
     public LoginUser getUserByToken(String token) {
-        // TODO MOCK
         LoginUser user = new LoginUser();
         user.setId(123L);
         user.setUsername("username");