diff --git a/adfs_fingerprint.sh b/adfs_fingerprint.sh
new file mode 100644
index 0000000..41dab0a
--- /dev/null
+++ b/adfs_fingerprint.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+dir="$(dirname $0)"
+adfs_fingerprint=`openssl s_client -connect adfs.ntu.edu.tw:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin| cut -d '=' -f2`
+if [ ! -z "$adfs_fingerprint" ]; then
+ echo "$adfs_fingerprint" > "$dir/adfs_fingerprint.txt"
+fi
diff --git a/app/controllers/sso_login_box_controller.rb b/app/controllers/sso_login_box_controller.rb
index 0684c58..93bb4f7 100644
--- a/app/controllers/sso_login_box_controller.rb
+++ b/app/controllers/sso_login_box_controller.rb
@@ -4,7 +4,7 @@ class SsoLoginBoxController < SessionsController
 OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
 def sso_auth_page
 session[:referer_url] = params[:referer_url]
- puts ["session", session, session.to_hash]
+ # puts ["session", session, session.to_hash]
 request = OneLogin::RubySaml::Authrequest.new
 redirect_to(request.create(saml_settings))
 end
@@ -21,7 +21,7 @@ class SsoLoginBoxController < SessionsController
 # We validate the SAML Response and check if the user already exists in the system
 if response.is_valid?
 attributes = response.attributes
- puts ["attributes", attributes.inspect]
+ # puts ["attributes", attributes.inspect]
 if true#["f", "s"].include?(attributes["AccountTypeCode"])
 email = attributes["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 member_name = attributes["ChineseName"]
@@ -39,6 +39,7 @@ class SsoLoginBoxController < SessionsController
 end
 end
 if !user.nil?
+ puts "Login #{user.user_name} success by sso!"
 session[:sso_token] = user.id
 session[:user_id] = user.id
 session[:login_referer] = nil
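Review bot: The value captured on the `adfs_fingerprint=` line is whatever certificate the network presents, because `openssl s_client` runs without `-verify_return_error` and its stderr is discarded, so a man-in-the-middle at fetch time can substitute a certificate whose fingerprint the controller will then pin for SAML signature validation. The digest is also left to the OpenSSL default while the controller declares SHA-1, and `-in /dev/stdin` is redundant; I would write `adfs_fingerprint=$(openssl s_client -connect adfs.ntu.edu.tw:443 -servername adfs.ntu.edu.tw -verify_return_error < /dev/null 2>/dev/null | openssl x509 -sha1 -fingerprint -noout | cut -d '=' -f2)` and quote `$0` in `dir="$(dirname "$0")"`. Note that this pins the TLS server certificate, whereas ADFS signs assertions with its token-signing certificate; unless this deployment uses one certificate for both, the pinned value will not match the assertion signer, and the federation metadata document is the safer source for the signing certificate.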
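Review bot: The hunk's first context line, `OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE`, reassigns a library constant so that any later `verify_mode = OpenSSL::SSL::VERIFY_PEER` in this process silently verifies nothing, and Ruby warns about the reinitialised constant at load time. It predates this commit, but now that the IdP fingerprint is derived from a network fetch, process-wide TLS verification is what stands between a spoofed endpoint and a forged login, so I would delete the line and fix the CA bundle if it was added to work around a chain problem. Separately, `params[:referer_url]` is stored in the session unvalidated; if it later feeds a redirect (not visible here), restrict it to a relative path or an allow-listed host. `sso_auth_page` is complete within the hunk, but the class continues outside it.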
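Review bot: `if true#["f", "s"].include?(attributes["AccountTypeCode"])` keeps the account-type restriction disabled, so any subject the IdP asserts, whatever its AccountTypeCode, reaches the lookup/creation code below; the commit silences the attribute dump but leaves this bypass in place. If the restriction is still wanted, restore it as `if %w[f s].include?(attributes["AccountTypeCode"])`; if it is intentionally gone, delete the dead `if true` so the intent is explicit rather than a leftover. A one-line comment naming which assertion attributes are trusted here (email, ChineseName, presumably the account key) would also help the next reader. The enclosing method starts before this hunk and continues past it.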
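Review bot: The added `puts "Login #{user.user_name} success by sso!"` writes to stdout, unlike the diagnostics this same commit comments out; `Rails.logger.info("SSO login succeeded for #{user.user_name}")` lands in the application log with a level and can be tuned without another code change. While here, the login path sets `session[:user_id]` without rotating the session: if a server-side session store is in use, calling `reset_session` first (and re-storing `session[:referer_url]`, which `sso_auth_page` put there) closes session fixation. The enclosing method starts before this hunk and continues after it.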
@@ -97,13 +98,13 @@ class SsoLoginBoxController < SessionsController
 def saml_settings
 settings = OneLogin::RubySaml::Settings.new
 request_host = request.host
- settings.assertion_consumer_service_url = "https://#{request_host}/ntu_sso/response?referer_url=#{params[:referer_url]}"
+ settings.assertion_consumer_service_url = "https://#{request_host}/ntu_sso/response"
 settings.issuer = request_host
 settings.idp_sso_target_url = "https://adfs.ntu.edu.tw/adfs/ls/"
 # settings.idp_sso_target_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" # or :post, :redirect
 settings.idp_slo_target_url = "https://adfs.ntu.edu.tw/adfs/ls/clearall.aspx?url=https://#{request_host}"
 # settings.idp_slo_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" # or :post, :redirect
- settings.idp_cert_fingerprint = "0a:27:fc:d5:ce:dc:d8:44:cc:a9:58:8a:42:d1:f4:df:38:2e:4a:c3"
+ settings.idp_cert_fingerprint = (File.read('adfs_fingerprint.txt') rescue '') #"0A:27:FC:D5:CE:DC:D8:44:CC:A9:58:8A:42:D1:F4:DF:38:2E:4A:C3"
 settings.idp_cert_fingerprint_algorithm = "http://www.w3.org/2000/09/xmldsig#sha1"
 # settings.security[:signature_method] = XMLSecurity::Document::SHA256
 # settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
@@ -122,4 +123,4 @@ class SsoLoginBoxController < SessionsController
 settings
 end
-end
+end
\ No newline at end of file
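Review bot: `(File.read('adfs_fingerprint.txt') rescue '')` turns every failure (file missing, unreadable, or the path resolved against a working directory other than the one `adfs_fingerprint.sh` writes into, since the script uses its own directory and this reads relative to the process CWD) into an empty fingerprint, which should match no certificate, so SAML responses would be rejected on every request with no diagnostic, and the inline `rescue` also swallows unrelated errors. The file is now a security-critical artifact, since whoever can write it chooses which certificate signs accepted assertions, so it should be resolved from `Rails.root`, stripped of the trailing newline `echo` adds, and a missing or empty file should fail loudly rather than yield `''`; reading it once at boot instead of on every request would also be preferable. Pinning a SHA-1 fingerprint is the weaker option as well: supplying the IdP signing certificate itself via `settings.idp_cert` drops the SHA-1 dependency. `saml_settings` continues outside the hunk.
```ruby
    # … unchanged: ACS / issuer / SSO / SLO settings …
    fingerprint_path = Rails.root.join('adfs_fingerprint.txt')
    fingerprint = File.exist?(fingerprint_path) ? File.read(fingerprint_path).strip : ''
    # Fail loudly: an empty fingerprint validates nothing, and a silently wrong
    # one is indistinguishable from an IdP outage.
    raise "#{fingerprint_path} is missing or empty; run adfs_fingerprint.sh" if fingerprint.empty?
    settings.idp_cert_fingerprint = fingerprint
    settings.idp_cert_fingerprint_algorithm = "http://www.w3.org/2000/09/xmldsig#sha1"
    # … unchanged: remaining (commented-out) settings …
```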