diff --git a/sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/controller/SimulateController.java b/sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/controller/SimulateController.java
index 93d0150001c7400637c719c66976096e32735faa..1ad1e81e40230775d0fefd5990b560b3f0af8ef0 100644
--- a/sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/controller/SimulateController.java
+++ b/sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/controller/SimulateController.java
@@ -75,18 +75,8 @@ public class SimulateController {
         return ResponseEntity.ok(resultMap);
     }
 
-    @DeleteMapping("/api/v1/source2/{var2}")
-    public ResponseEntity<Map<String, String>> api1Mock8(HttpServletRequest request, @PathVariable Integer var2 ) {
-        Map<String, String> resultMap = new HashMap<>(2);
-        resultMap.putAll(getResponseMap(request));
-        if (Objects.nonNull(var2)) {
-            resultMap.put("var2", String.valueOf(var2));
-        }
-        return ResponseEntity.ok(resultMap);
-    }
-
-    @PutMapping("/api/v1/source2")
-    public ResponseEntity<Map<String, String>> api1Mock9(HttpServletRequest request) {
+    @GetMapping("/api/v1/source2")
+    public ResponseEntity<Map<String, String>> api1Mock8(HttpServletRequest request) {
         return ResponseEntity.ok(getResponseMap(request));
     }
 
@@ -115,8 +105,8 @@ public class SimulateController {
         return ResponseEntity.ok(getResponseMap(request));
     }
 
-    @PatchMapping("/api/v1/source3")
-    public ResponseEntity<Map<String, String>> api1Mock15(HttpServletRequest request) {
+    @GetMapping("/api/v2/source3/{var1}")
+    public ResponseEntity<Map<String, String>> api1Mock15(HttpServletRequest request, @PathVariable String var1) {
         return ResponseEntity.ok(getResponseMap(request));
     }
 
diff --git a/sample-bootstrap/src/main/resources/sureness.yml b/sample-bootstrap/src/main/resources/sureness.yml
index 67e9150aa992b05b6463d09991847c63b1775787..ae9efaaf75ef87c1eac5b7f1c1644b97641506d7 100644
--- a/sample-bootstrap/src/main/resources/sureness.yml
+++ b/sample-bootstrap/src/main/resources/sureness.yml
@@ -17,10 +17,13 @@ resourceRole:
   - /api/v1/source1===delete===[role3]
   - /api/v1/source1===put===[role1,role2]
   - /api/v1/source2===get===[]
+  - /api/v1/source2/*/*===get===[role2]
+  - /api/v2/source3/*===get===[role2]
 
 # load api resource which do not need be protected, means them need be excluded.
 # these api resource can be access by everyone
 excludedResource:
+  - /api/v1/source3===get
   - /api/v3/host===get
   - /api/v3/book===get
   - /api/v1/account/auth===post