diff --git a/authorization-server/build.gradle b/authorization-server/build.gradle index 70f445f..6c97d64 100644 --- a/authorization-server/build.gradle +++ b/authorization-server/build.gradle @@ -28,7 +28,7 @@ dependencies { compile('org.springframework.security:spring-security-oauth2-jose') implementation 'org.springframework.boot:spring-boot-starter-actuator' - implementation 'org.springframework.boot:spring-boot-starter-freemarker' + implementation 'org.springframework.boot:spring-boot-starter-thymeleaf' implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.cloud:spring-cloud-starter-oauth2' // implementation 'org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.1.5.RELEASE' diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java index 3499059..64177a6 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java @@ -78,7 +78,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { // .and() // .addFilterBefore(filter, CsrfFilter.class); // .csrf().disable(); - http.formLogin().loginPage("/login").permitAll() + http.formLogin().loginPage("/login").permitAll().failureHandler(customAuthFailureHandler) .and() .requestMatchers().antMatchers("/login/**", "/logout", "/oauth/authorize", "/oauth/confirm_access", "/oauth2/**") .and() diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/SocialType.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/SocialType.java index 84e57fb..a21da9d 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/SocialType.java 
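Review bot: Swapping `spring-boot-starter-freemarker` for `spring-boot-starter-thymeleaf` changes the template engine, but `templates/authorize.ftl` is renamed to `authorize.html` at 100% similarity later in this commit, so it still holds whatever FreeMarker markup it had. Thymeleaf does not evaluate FreeMarker directives or bare `${...}` interpolations, so if the consent page emitted a CSRF token or the requested scopes that way, they would reach the browser as literal text and the approval form may stop working. The template's content is not shown in the diff, so this needs confirming; port the page to `th:` attributes in the same commit as the dependency change.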
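Review bot: `customAuthFailureHandler` is referenced in the new `formLogin()` line, but this commit shows no field, constructor parameter or bean for it in WebSecurityConfig and the handler class is not in the diff, so it presumably exists outside the hunk. Two things should be checked there because they cannot be seen here: `permitAll()` on `formLogin()` opens the login page and the default failure URL, not the target a custom handler redirects or forwards to, so that target needs its own permit rule; and the handler should answer an unknown username and a wrong password identically so the form does not reveal which accounts exist. A one-line comment above the chain naming the handler's redirect target would make the first point reviewable. The `configure` method starts and ends outside the hunk.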
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/SocialType.java @@ -5,7 +5,7 @@ import lombok.Getter; public enum SocialType { FACEBOOK("facebook"), GOOGLE("google"), - KAKAO("kakao"); + UNEEDCOMMS("uneedcomms"); private final String ROLE_PREFIX = "ROLE_"; diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/CustomUserDetails.java similarity index 85% rename from authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java rename to authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/CustomUserDetails.java index 0c082a5..93a43d7 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/CustomUserDetails.java @@ -11,24 +11,25 @@ import java.util.Collection; import java.util.List; @Data -public class UserDetail implements UserDetails { +public class CustomUserDetails implements UserDetails { private static final long serialVersionUID = 6396079419309274853L; private Long id; private String username; private String password; - private List roles; + private List userRole; - public UserDetail(User user) { + public CustomUserDetails(User user, List userRole) { this.id = user.getId(); this.username = user.getUsername(); this.password = user.getPassword(); + this.userRole = userRole; } @Override public Collection getAuthorities() { List authorities = new ArrayList<>(); - for (String role: roles) { + for (String role: userRole) { authorities.add(new SimpleGrantedAuthority(role)); } return authorities; 
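Review bot: `@Data` stays on the renamed class, so Lombok's generated `toString()` includes the `password` field, and `loadUserByUsername` in CustomUserDetailsServiceImpl prints the object with `System.out.println(userDetail)` in this same commit; the stored password value therefore reaches stdout on every lookup of an existing username. Exclude the field with `@ToString(exclude = "password")` under `@Data`, in the same way UserRole already uses `@ToString(exclude = "user")`. Separately, `getAuthorities()` iterates `userRole` without a guard, so a `null` passed to the new constructor surfaces as a NullPointerException during authentication rather than at construction; `this.userRole = Objects.requireNonNull(userRole, "userRole");` would fail early (it needs `java.util.Objects`). The class body continues past the end of the hunk.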
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java index f50214d..5b78cd7 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java @@ -1,17 +1,18 @@ package io.bluemoon.authorizationserver.domain.user; import io.bluemoon.authorizationserver.domain.social.SocialType; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; +import lombok.*; import javax.persistence.*; import java.time.LocalDateTime; +import java.util.Collection; import java.util.Date; @Entity -@Data +@Getter +@Setter @NoArgsConstructor +@AllArgsConstructor public class User { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @@ -36,6 +37,9 @@ public class User { @Enumerated(EnumType.STRING) private SocialType socialType; + @OneToMany(cascade = CascadeType.ALL, mappedBy = "user", fetch = FetchType.EAGER) + private Collection userRole; + @Column private LocalDateTime createdAt; @@ -53,15 +57,14 @@ public class User { // private Date regDate = new Date(); @Builder - public User(String username, String name, String password, String email, String principal, - SocialType socialType, LocalDateTime createdAt, LocalDateTime updatedAt) { + public User(String username, String name, String password, String email, String principal, LocalDateTime createdAt, LocalDateTime updatedAt, SocialType socialType) { this.username = username; this.name = name; this.password = password; this.email = email; this.principal = principal; - this.socialType = socialType; this.createdAt = createdAt; this.updatedAt = updatedAt; + this.socialType = socialType; } } 
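Review bot: The `userRole` collection added in the second hunk is what ends up as the user's granted authorities, yet the class-level `@Setter` gives it a public `setUserRole(...)` and `CascadeType.ALL` persists whatever the collection holds when the User is saved. Any code path that binds or copies request data onto a User could then add roles as a side effect; the diff shows no such path, so treat this as hardening rather than a confirmed hole. Consider `@Setter(AccessLevel.NONE)` on the field with a narrower cascade, and change roles only through UserRoleRepository. The `@Builder` constructor in the last hunk also does not take `userRole`, so builder-created users carry a `null` collection until one is assigned.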
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRole.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRole.java new file mode 100644 index 0000000..8343a9a --- /dev/null +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRole.java @@ -0,0 +1,30 @@ +package io.bluemoon.authorizationserver.domain.user; + +import lombok.*; + +import javax.persistence.*; + +@Getter +@Setter +@Entity +@ToString(exclude = "user") +@NoArgsConstructor +@AllArgsConstructor +public class UserRole { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private Long id; + + @Column + private String role; + + @ManyToOne(optional = false) + @JoinColumn(name = "userId") + private User user; + + @Builder + public UserRole(User user, String role) { + this.user = user; + this.role = role; + } +} diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRoleRepository.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRoleRepository.java new file mode 100644 index 0000000..0f91cdb --- /dev/null +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRoleRepository.java @@ -0,0 +1,10 @@ +package io.bluemoon.authorizationserver.domain.user; + +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.List; + +public interface UserRoleRepository extends JpaRepository { + List findByUser(User user); + +} diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java index 5b81d60..3231154 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java 
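Review bot: `role` in UserRole is mapped with a bare `@Column`, so the table accepts NULL or empty values, while CustomUserDetails passes each value straight to `new SimpleGrantedAuthority(role)`, which rejects null or empty text with an IllegalArgumentException. A single bad row would then break login for that user. Declare the field as `@Column(nullable = false)` and, if a user should hold each role only once, add a unique constraint on (`userId`, `role`). Because `spring.jpa.hibernate.ddl-auto=update` is set in application.properties, the table is generated from these annotations, so the constraint has to be stated here.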
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java @@ -1,37 +1,49 @@ package io.bluemoon.authorizationserver.service.user; -import io.bluemoon.authorizationserver.domain.user.User; -import io.bluemoon.authorizationserver.domain.user.UserDetail; -import io.bluemoon.authorizationserver.domain.user.UserRepository; +import io.bluemoon.authorizationserver.domain.user.*; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; +import java.util.ArrayList; import java.util.Arrays; +import java.util.List; @Service public class CustomUserDetailsServiceImpl implements UserDetailsService { // User Info private UserRepository userRepository; + private UserRoleRepository userRoleRepository; public CustomUserDetailsServiceImpl( - UserRepository userRepository + UserRepository userRepository, + UserRoleRepository userRoleRepository ) { this.userRepository = userRepository; + this.userRoleRepository = userRoleRepository; } @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + System.out.println("why?????????????"+username); User user = userRepository.findByUsername(username); System.out.println(user); + List userRole = userRoleRepository.findByUser(user); + System.out.println(userRole); + System.out.println("---------------------------"); + List urs = new ArrayList<>(); + for (UserRole ur : userRole) { + urs.add(ur.getRole()); + } if (user == null) { throw new UsernameNotFoundException("UsernameNotFound[" + username + "]"); } - UserDetail userDetail = createUser(user); + CustomUserDetails userDetail = new CustomUserDetails(user, urs); + userDetail.getAuthorities(); System.out.println(userDetail); return userDetail; } 
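Review bot: `loadUserByUsername` now prints the submitted username, the `User`, the role list and the finished `CustomUserDetails` with `System.out.println` on every lookup, which happens before the password is checked; the username is caller-supplied text written unescaped, and `CustomUserDetails` is a `@Data` class whose `toString()` includes the password field. The role query `userRoleRepository.findByUser(user)` also runs before the `user == null` check, so an unknown username costs an extra query instead of failing straight away, and the bare `userDetail.getAuthorities();` call discards its result. The rewrite below removes the debug output, moves the null check first and builds the role list only for an existing user. `java.util.Arrays` becomes an unused import once `createUser` is commented out in the next hunk.

```java
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userRepository.findByUsername(username);
        if (user == null) {
            throw new UsernameNotFoundException("UsernameNotFound[" + username + "]");
        }

        // Roles are looked up only once the account is known to exist.
        List<String> roles = new ArrayList<>();
        for (UserRole ur : userRoleRepository.findByUser(user)) {
            roles.add(ur.getRole());
        }
        return new CustomUserDetails(user, roles);
    }
```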
@@ -39,17 +51,17 @@ public class CustomUserDetailsServiceImpl implements UserDetailsService { /** * User role check * @param user + * @param userRole * @return */ - private UserDetail createUser(User user) { - UserDetail userDetail = new UserDetail(user); - userDetail.setRoles(Arrays.asList("ROLE_USER")); - -// if (userDetail.getSocial_type().getVaule().equals("FACEBOOK")) { -// userDetail.setRoles(Arrays.asList("ROLE_FACEBOOK")); -// } else { -// userDetail.setRoles(Arrays.asList("ROLE_USER")); -// } - return userDetail; - } +// private CustomUserDetails createUser(User user, List userRole) { +// CustomUserDetails userDetail = +// +//// if (userDetail.getSocial_type().getVaule().equals("FACEBOOK")) { +//// userDetail.setRoles(Arrays.asList("ROLE_FACEBOOK")); +//// } else { +//// userDetail.setRoles(Arrays.asList("ROLE_USER")); +//// } +// return userDetail; +// } } diff --git a/authorization-server/src/main/resources/application.properties b/authorization-server/src/main/resources/application.properties index fbb7b1d..12b0d54 100644 --- a/authorization-server/src/main/resources/application.properties +++ b/authorization-server/src/main/resources/application.properties @@ -10,6 +10,9 @@ spring.datasource.username=root spring.datasource.password=uneed3515 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.platform=schema +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDB53Dialect + + spring.jpa.database = MYSQL spring.jpa.hibernate.ddl-auto=update diff --git a/authorization-server/src/main/resources/templates/authorize.ftl b/authorization-server/src/main/resources/templates/authorize.html similarity index 100% rename from authorization-server/src/main/resources/templates/authorize.ftl rename to authorization-server/src/main/resources/templates/authorize.html 
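Review bot: `createUser` is commented out rather than removed, and what remains would not compile if uncommented (`CustomUserDetails userDetail =` has no right-hand side), while the Javadoc above it gains `@param userRole` and now documents nothing. Delete the Javadoc together with the commented block; version history keeps the old role-by-social-type logic if it is wanted again.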
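Review bot: The added `MariaDB53Dialect` disagrees with `spring.jpa.database = MYSQL` just below it and with the `com.mysql.cj.jdbc.Driver` line above; settle on one database family so the DDL that `ddl-auto=update` generates for the new UserRole entity matches the server actually in use. The context lines of this hunk also show the datasource connecting as `root` with its password committed in the file. Since this service now stores role data, move the secret out of the repository, for example `spring.datasource.password=${DB_PASSWORD}`, rotate the exposed value, and connect with an account limited to this schema.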
diff --git a/authorization-server/src/main/resources/templates/login.ftl b/authorization-server/src/main/resources/templates/login.ftl deleted file mode 100644 index 5998323..0000000 --- a/authorization-server/src/main/resources/templates/login.ftl +++ /dev/null @@ -1,28 +0,0 @@ - - - - -
-
-
- - -
-
- - -
- - -
-
- - - - - - \ No newline at end of file diff --git a/authorization-server/src/main/resources/templates/login.html b/authorization-server/src/main/resources/templates/login.html new file mode 100644 index 0000000..f6bb88b --- /dev/null +++ b/authorization-server/src/main/resources/templates/login.html @@ -0,0 +1,47 @@ + + + + + + +
+
+
+ +
+ +
+
+ + +
+ +
+ +
+
+ + + +
+ +
+ Facebook +
+ +
+ Google +
+
+ + + + + + + + + + + + \ No newline at end of file diff --git a/gateway-zuul/src/main/java/io/bluemoon/gatewayzuul/config/SecurityConfig.java b/gateway-zuul/src/main/java/io/bluemoon/gatewayzuul/config/SecurityConfig.java index c86e874..ebeae12 100644 --- a/gateway-zuul/src/main/java/io/bluemoon/gatewayzuul/config/SecurityConfig.java +++ b/gateway-zuul/src/main/java/io/bluemoon/gatewayzuul/config/SecurityConfig.java @@ -38,7 +38,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests() - .antMatchers("/**", "/mk-auth/**", "/login").permitAll().anyRequest().authenticated() + .antMatchers("/", "/mk-auth/**", "/login").permitAll().anyRequest().authenticated() .and() // .csrf().requireCsrfProtectionMatcher(csrfRequestMatcher()).csrfTokenRepository(csrfTokenRepository()) // .and() diff --git a/gateway-zuul/src/main/resources/application.properties b/gateway-zuul/src/main/resources/application.properties index 232100c..da7e43b 100644 --- a/gateway-zuul/src/main/resources/application.properties +++ b/gateway-zuul/src/main/resources/application.properties @@ -2,13 +2,13 @@ server.port=8765 zuul.sensitive-headers= -zuul.routes.mk2-service.path=/service/** +zuul.routes.mk2-service.path=/api/** zuul.routes.mk2-service.url=http://127.0.0.1:8082 zuul.routes.mk2-service.sensitive-headers= zuul.routes.mk2-oauth.path=/mk-auth/** -zuul.routes.mk2-oauth.url=https://59a7bc58.ngrok.io -#zuul.routes.mk2-oauth.url=http://localhost:8081 +#zuul.routes.mk2-oauth.url=https://59a7bc58.ngrok.io +zuul.routes.mk2-oauth.url=http://localhost:8081 zuul.routes.mk2-oauth.sensitive-headers= #zuul.routes.mk2-oauth.path=/mk2auth/** 
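Review bot: Replacing `/**` with `/` closes the gateway, but `/mk-auth/**` is still `permitAll()`, so every path under that prefix is forwarded to the authorization server with no gateway check. The authorization server's `requestMatchers()` in WebSecurityConfig (same commit) lists only `/login/**`, `/logout`, `/oauth/authorize`, `/oauth/confirm_access` and `/oauth2/**`, and its build.gradle includes `spring-boot-starter-actuator`, so whether other paths such as actuator endpoints or `/mk-auth/user` are protected depends on configuration not visible here. Either narrow the gateway pattern to the login and OAuth paths that must be anonymous, or, once confirmed, add a comment such as `// /mk-auth/** is open here; the authorization server enforces its own rules`. The `configure` method continues past the hunk.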
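Review bot: The OAuth endpoints are switched between the ngrok tunnel and localhost by commenting lines in and out, here for `zuul.routes.mk2-oauth.url` and again for `access-token-uri`, `user-authorization-uri` and `user-info-uri` in the next hunk. That leaves a public tunnel hostname one uncomment away from being the token endpoint, and the active values are plain `http://`, which is acceptable only while all traffic stays on loopback. Take the base URL from a placeholder, for example `security.oauth2.client.access-token-uri=${AUTH_SERVER_URL}/mk-auth/oauth/token`, and delete the commented alternatives. The empty `zuul.sensitive-headers=` in the context lines means cookies and `Authorization` headers are forwarded to every route, which deserves a comment stating that this is intended.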
@@ -17,18 +17,16 @@ zuul.add-proxy-headers=true security.oauth2.sso.login-path=/login - - -#security.oauth2.client.access-token-uri=http://localhost:8081/mk-auth/oauth/token -security.oauth2.client.access-token-uri=https://59a7bc58.ngrok.io/mk-auth/oauth/token +security.oauth2.client.access-token-uri=http://localhost:8081/mk-auth/oauth/token +#security.oauth2.client.access-token-uri=https://59a7bc58.ngrok.io/mk-auth/oauth/token # /oauth/authorize 요청은 클라이언트가 리소스 서버의 api를 사용하기 위해 사용자(리소스 소유자)에게 # 권한 위임 동의를 받기 위한 페이지를 출력하는 기능을 수행 -#security.oauth2.client.user-authorization-uri=http://localhost:8081/mk-auth/oauth/authorize -security.oauth2.client.user-authorization-uri=https://59a7bc58.ngrok.io/mk-auth/oauth/authorize +security.oauth2.client.user-authorization-uri=http://localhost:8081/mk-auth/oauth/authorize +#security.oauth2.client.user-authorization-uri=https://59a7bc58.ngrok.io/mk-auth/oauth/authorize -#security.oauth2.resource.user-info-uri=http://localhost:8081/mk-auth/user -security.oauth2.resource.user-info-uri=https://59a7bc58.ngrok.io/mk-auth/user +security.oauth2.resource.user-info-uri=http://localhost:8081/mk-auth/user +#security.oauth2.resource.user-info-uri=https://59a7bc58.ngrok.io/mk-auth/user security.oauth2.resource.prefer-token-info=false security.oauth2.client.client-id=system1