some requests skip Authorization #1363

Closed
goodboylyl opened this issue Jun 12, 2019 · 2 comments

goodboylyl commented Jun 12, 2019

I am currently using nacos-server-1.0.0 in a test environment with Nacos authentication enabled. After logging in, I go to Configuration Management > Configuration List, pick any configuration item and open its edit page. I then share the URL of that edit page with a colleague, who can open it directly without any authentication, and can even modify the configuration item and publish it. All I shared was a URL; the Authorization request header is null, yet the request is accepted and the change is committed. I consider this very dangerous; we have already restricted access to Nacos by IP. Please fix this as soon as possible.

nacos-bot (Collaborator) commented

Hi @goodboylyl, we detect non-English characters in the issue. This comment is an auto translation from @nacos-bot to help other users to understand this issue.
We encourage you to describe your issue in English which is more friendly to other users.

some requests skip Authorization

I am currently using nacos-server-1.0.0 in the test environment. nacos has added the permission authentication. After logging in, access the configuration management-configuration list, select a configuration item for editing and enter the editing page. Then I share the URL of the editing page. My colleague, who can open the page directly without any permission authentication, can even change the configuration item and publish it. All I shared was a URL address, the Authorization in the Request Header was null, but it was able to access and commit the changes. I think this is a very dangerous operation, we have IP restrictions on nacos access. I hope to fix it as soon as possible.
Now I use nacos-server-1.0.0 in the development environment, and nacos has authority certification enabled. I shared the Edit Configuration page's URL with my colleague, hoping he could configure things according to his needs. Normally it is just a GET request with no Authorization, so he must log in before he can use it, but he doesn't have to. I think it's dangerous; I hope it gets repaired.

nkorange (Collaborator) commented

Nacos currently does not implement interface-level (per-API) authorization; it is already being planned, see #1105.
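The gap described in this thread, a console whose login page is guarded while the HTTP API behind it accepts requests with no token, as an added example that is not Nacos project code: a minimal request dispatcher with the UI-only guard beside a request-level authorization filter, replayed against the shared-URL scenario from the issue. The route `/v1/cs/configs`, the allow-listed paths, the token value and the configuration contents are all constructed for the example; the pattern is the same whether the real server enforces it in a servlet filter or an interceptor.

```python
import hmac
from dataclasses import dataclass, field

# Constructed data for the example: tokens a /v1/auth/login handler would
# have issued, and the configuration store the API reads and writes.
ISSUED_TOKENS = {"tok-0123456789abcdef": "nacos"}
CONFIG_STORE = {}

# Allow-list of paths that need no token (assumed names, not Nacos routes).
PUBLIC_PATHS = {"/v1/auth/login", "/index.html"}


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    params: dict = field(default_factory=dict)


def authenticate(req):
    """Return the user behind a valid bearer token, else None.

    A missing header, a header set to the literal string "null" (what a JS
    client sends when it copies an unset variable into it) and unknown
    tokens are all rejected; the comparison is constant-time.
    """
    value = req.headers.get("Authorization", "")
    if not value.startswith("Bearer "):
        return None
    token = value[len("Bearer "):]
    for issued, user in ISSUED_TOKENS.items():
        if hmac.compare_digest(token, issued):
            return user
    return None


def configs_handler(req):
    """GET reads a config item, POST publishes one. No auth check of its own."""
    key = (req.params.get("dataId"), req.params.get("group", "DEFAULT_GROUP"))
    if req.method == "GET":
        content = CONFIG_STORE.get(key)
        return (200, content) if content is not None else (404, "")
    if req.method == "POST":
        CONFIG_STORE[key] = req.params.get("content", "")
        return 200, "true"
    return 405, ""


def route(req):
    if req.path == "/v1/cs/configs":
        return configs_handler(req)
    return 404, ""


def weak_dispatch(req):
    """UI-only guard: console pages redirect to login, the API is never checked."""
    if req.path.startswith("/console/") and authenticate(req) is None:
        return 302, "/index.html"
    return route(req)


def hardened_dispatch(req):
    """Request-level guard: every non-public request must carry a valid token."""
    if req.path not in PUBLIC_PATHS and authenticate(req) is None:
        return 401, "unauthorized"
    return route(req)


def run_scenarios():
    """Replay the issue's shared-URL scenario against both dispatchers."""
    key = ("app.properties", "DEFAULT_GROUP")
    CONFIG_STORE.clear()
    CONFIG_STORE[key] = "db.host=10.0.0.5"
    view = Request("GET", "/v1/cs/configs", params={"dataId": "app.properties"})
    publish = Request("POST", "/v1/cs/configs",
                      params={"dataId": "app.properties", "content": "db.host=10.6.6.6"})
    results = {}
    # The colleague opens the shared URL with no Authorization header at all.
    results["weak_get_no_token"] = weak_dispatch(view)[0]
    results["weak_publish_no_token"] = weak_dispatch(publish)[0]
    results["weak_store_after"] = CONFIG_STORE[key]

    CONFIG_STORE[key] = "db.host=10.0.0.5"
    results["hard_get_no_token"] = hardened_dispatch(view)[0]
    publish.headers["Authorization"] = "null"  # header present, value unset on the client
    results["hard_publish_null_token"] = hardened_dispatch(publish)[0]
    results["hard_store_after_null"] = CONFIG_STORE[key]
    publish.headers["Authorization"] = "Bearer tok-0123456789abcdef"
    results["hard_publish_valid_token"] = hardened_dispatch(publish)[0]
    results["hard_store_after_valid"] = CONFIG_STORE[key]
    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

The point is where the check sits: `hardened_dispatch` calls `authenticate` before routing, so the GET on the edit URL, the POST that publishes, and a request whose header literally reads `null` all receive the same 401 unless a token issued at login is presented, while `weak_dispatch` lets all of them through because its only guard is a redirect on console pages. IP restrictions in front of the server, as the reporter has, reduce exposure but do not replace the per-request check.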
