diff --git a/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/util/security/CryptoSignatureUtils.java b/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/util/security/CryptoSignatureUtils.java
index 6fb4808c..b0d9be83 100644
--- a/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/util/security/CryptoSignatureUtils.java
+++ b/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/util/security/CryptoSignatureUtils.java
@@ -1,6 +1,7 @@
 package com.zt.plat.framework.common.util.security;
 
 import cn.hutool.crypto.SecureUtil;
+import com.zt.plat.framework.common.util.json.JsonUtils;
 
 import javax.crypto.Cipher;
 import javax.crypto.KeyGenerator;
@@ -126,7 +127,11 @@ public final class CryptoSignatureUtils {
                 continue;
             }
             sb.append(key).append('=');
-            sb.append(value);
+            if (value instanceof String || value instanceof Number || value instanceof Boolean) {
+                sb.append(value);
+            } else {
+                sb.append(JsonUtils.toJsonString(value));
+            }
             sb.append('&');
         }
         if (sb.length() > 0) {
diff --git a/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java b/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
index 6692f40d..48c2a627 100644
--- a/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
+++ b/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
@@ -286,8 +286,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
         try {
             boolean valid = CryptoSignatureUtils.verifySignature(signaturePayload, signatureType);
             if (!valid) {
-                log.error("[API-PORTAL] 签名校验失败");
-                return;
+                throw new SecurityValidationException(HttpStatus.UNAUTHORIZED, "签名校验失败");
             }
         } catch (IllegalArgumentException ex) {
             throw new SecurityValidationException(HttpStatus.INTERNAL_SERVER_ERROR, "签名算法配置异常");