Fix -在开启认证的情况下增加token解析认证处理方式

plugin-default-impl/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/UserController.java

@@ -152,7 +152,7 @@ public Object updateUser(@RequestParam String username, @RequestParam String new
                 response.sendError(HttpServletResponse.SC_FORBIDDEN, "authorization failed!");
                 return null;
             }
-        } catch (HttpSessionRequiredException e) {
+        } catch (HttpSessionRequiredException | AccessException e) {
             response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "session expired!");
             return null;
         }
@@ -167,15 +167,15 @@ public Object updateUser(@RequestParam String username, @RequestParam String new
         return RestResultUtils.success("update user ok!");
     }
 
-    private boolean hasPermission(String username, HttpServletRequest request) throws HttpSessionRequiredException {
+    private boolean hasPermission(String username, HttpServletRequest request) throws HttpSessionRequiredException,AccessException {
         if (!authConfigs.isAuthEnabled()) {
             return true;
         }
         IdentityContext identityContext = (IdentityContext) request.getSession()
                 .getAttribute(com.alibaba.nacos.plugin.auth.constant.Constants.Identity.IDENTITY_CONTEXT);
         NacosUser user;
         if (identityContext == null
-                || (user = (NacosUser) identityContext.getParameter(AuthConstants.NACOS_USER_KEY)) == null) {
+                || (user = (NacosUser) identityContext.getParameter(AuthConstants.NACOS_USER_KEY)) == null || (user = iAuthenticationManager.authenticate(request)) == null) {
             throw new HttpSessionRequiredException("session expired!");
         }
         // admin