Spring Security抛出javax.servlet.ServletException:无法解析名称为'j_spring_security_check'的视图
[英]Spring security throws javax.servlet.ServletException: Could not resolve view with name 'j_spring_security_check'
问题描述
I am trying to add Spring security with customized login page and access to database to my Spring MVC application. 
我正在尝试通过自定义的登录页面添加Spring安全性 ,并访问 Spring MVC应用程序中的数据库 。 It seems like my mapping is wrong as it can not map j_spring_security_check . 似乎我的映射错误,因为它无法映射j_spring_security_check 。
To solve the issue I had a look at following pages 1 , 2 , 3 but could not solve the issue yet. 为了解决这个问题,我看了一下以下页面1 , 2 , 3 ,但没能解决这个问题呢。
If you do not have much time, please read PART 2 below, that is where edited section of the question begins. 如果您没有太多时间,请阅读下面的第2部分,这是问题的编辑部分开始的地方。 Otherwise, please read both PART 1 and PART 2 . 否则,请同时阅读第1 部分和第2部分 。
PART 1 第1部分
I also added following lines to my web.xml file but the application returns following exceptions. 我还在我的web.xml文件中添加了以下几行,但是应用程序返回以下异常。
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Caused by: java.lang.IllegalStateException: Duplicate Filter registration for 'springSecurityFilterChain'. Check to ensure the Filter is only configured once.
at org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer.registerFilter(AbstractSecurityWebApplicationInitializer.java:215)
at org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer.insertSpringSecurityFilterChain(AbstractSecurityWebApplicationInitializer.java:147)
at org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer.onStartup(AbstractSecurityWebApplicationInitializer.java:121)
at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:175)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5423)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 6 more
Jun 13, 2015 2:44:54 PM org.apache.catalina.core.ContainerBase startInternal
SEVERE: A child container failed during start
java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost]]
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:188)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:1123)
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:302)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:443)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:732)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.startup.Catalina.start(Catalina.java:691)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:322)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:456)
Caused by: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost]]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Caused by: org.apache.catalina.LifecycleException: A child container failed during start
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:1131)
at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:800)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 6 more
Jun 13, 2015 2:44:54 PM org.apache.catalina.startup.Catalina start
SEVERE: The required Server component failed to start so Tomcat is unable to start.
org.apache.catalina.LifecycleException: Failed to start component [StandardServer[8005]]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
at org.apache.catalina.startup.Catalina.start(Catalina.java:691)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:322)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:456)
Caused by: org.apache.catalina.LifecycleException: Failed to start component [StandardService[Catalina]]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:732)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 7 more
Caused by: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina]]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:443)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 9 more
Caused by: org.apache.catalina.LifecycleException: A child container failed during start
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:1131)
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:302)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 11 more
Without adding that filter once the form is submitted the request will be catch by following controller. 提交表单后,无需添加过滤器 ,后续控制器将捕获请求。
@Controller
public class MainController {
@RequestMapping("/{viewName}")
public String index(@PathVariable String viewName) {
...
}
web.xml web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<listener>
<listener-class>org.apache.tiles.extras.complete.CompleteAutoloadTilesListener</listener-class>
</listener>
<servlet>
<servlet-name>my</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- <listener> -->
<!-- <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> -->
<!-- </listener> -->
<!-- <filter> -->
<!-- <filter-name>springSecurityFilterChain</filter-name> -->
<!-- <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> -->
<!-- </filter> -->
<!-- <filter-mapping> -->
<!-- <filter-name>springSecurityFilterChain</filter-name> -->
<!-- <url-pattern>/*</url-pattern> -->
<!-- </filter-mapping> -->
<servlet-mapping>
<servlet-name>my</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/config/my-security.xml
</param-value>
</context-param>
</web-app>
my-security.xml my-security.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true" access-denied-page="/notFound.jsp"
use-expressions="true">
<intercept-url pattern="/" access="permitAll" />
</http>
<!-- <beans:import resource="security-db.xml" /> -->
<authentication-manager>
<authentication-provider>
<user-service>
<user name="alex" password="123456" authorities="ROLE_USER" />
<user name="mkyong" password="123456" authorities="ROLE_USER, ROLE_ADMIN" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
AppConfig.java AppConfig.java
@EnableWebMvc
@Configuration
@ComponentScan({ "com.myproject.*" })
@EnableTransactionManagement
@Import({ SecurityConfig.class })
public class AppConfig {
@Bean
public SessionFactory sessionFactory() {
LocalSessionFactoryBuilder builder = new LocalSessionFactoryBuilder(
dataSource());
builder.scanPackages("com.myproject.model").addProperties(
getHibernateProperties());
return builder.buildSessionFactory();
}
private Properties getHibernateProperties() {
Properties prop = new Properties();
prop.put("hibernate.format_sql", "true");
prop.put("hiberate.show_sql", "true");
prop.put("hibernate.dialect", "org.hibernate.dialect.MySQL5Dialect");
return prop;
}
@Bean(name = "dataSource")
public BasicDataSource dataSource() {
BasicDataSource ds = new BasicDataSource();
ds.setDriverClassName("com.mysql.jdbc.Driver");
ds.setUrl("jdbc:mysql://localhost:3306/test");
ds.setUsername("jack");
ds.setPassword("jack");
return ds;
}
@Bean
public HibernateTransactionManager txManager() {
return new HibernateTransactionManager(sessionFactory());
}
}
SecurityConfig.java SecurityConfig.java
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("userDetailsService")
UserDetailsService userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth)
throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(
passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/profile/**")
.access("hasRole('ADMIN')").and().formLogin()
.loginPage("/signin").failureUrl("/signin?error")
.usernameParameter("username").passwordParameter("password")
.and().logout().logoutSuccessUrl("/index").and().csrf().and()
.exceptionHandling().accessDeniedPage("/403");
}
@Bean
public PasswordEncoder passwordEncoder() {
PasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder;
}
}
SpringMVCInitializer.java SpringMVCInitializer.java
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
public class SpringMvcInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { AppConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return null;
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
LoginController.java LoginController.java
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password!");
}
if (logout != null) {
model.addObject("msg", "You've been logged out successfully.");
}
model.setViewName("login");
return model;
}
}
** **
PART 2 第2部分
Based on Thomas's suggestions I changed the code as following 根据Thomas的建议,我将代码更改如下
** **
web.xml web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<listener>
<listener-class>org.apache.tiles.extras.complete.CompleteAutoloadTilesListener</listener-class>
</listener>
<servlet>
<servlet-name>my</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>my</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
AppConfig.java AppConfig.java
@EnableWebMvc
@Configuration
@ComponentScan({ "com.myproject" })
@EnableTransactionManagement
@Import({ SecurityConfig.class })
public class AppConfig {
@Bean
public SessionFactory sessionFactory() {
LocalSessionFactoryBuilder builder = new LocalSessionFactoryBuilder(
dataSource());
builder.scanPackages("com.myproject.model").addProperties(
getHibernateProperties());
return builder.buildSessionFactory();
}
private Properties getHibernateProperties() {
Properties prop = new Properties();
prop.put("hibernate.format_sql", "true");
prop.put("hiberate.show_sql", "true");
prop.put("hibernate.dialect", "org.hibernate.dialect.MySQL5Dialect");
return prop;
}
@Bean(name = "dataSource")
public BasicDataSource dataSource() {
BasicDataSource ds = new BasicDataSource();
ds.setDriverClassName("com.mysql.jdbc.Driver");
ds.setUrl("jdbc:mysql://localhost:3306/test");
ds.setUsername("jack");
ds.setPassword("jack");
return ds;
}
@Bean
public HibernateTransactionManager txManager() {
return new HibernateTransactionManager(sessionFactory());
}
}
SecurityConfig.java SecurityConfig.java
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("userDetailsService")
UserDetailsService userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
// auth.userDetailsService(userDetailsService).passwordEncoder(
// passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/profile/**")
.access("hasRole('ADMIN')").and().formLogin()
.loginPage("/login").failureUrl("/login?error")
.and().logout().logoutSuccessUrl("/index").and().csrf().and()
.exceptionHandling().accessDeniedPage("/403");
}
@Bean
public PasswordEncoder passwordEncoder() {
PasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder;
}
}
SpringMVCInitializer.java SpringMVCInitializer.java
public class SpringMvcInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { AppConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return null;
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
MainController 主控制器
@Controller
public class MainController {
@RequestMapping("/{viewName}")
public String index(@PathVariable String viewName) {
System.err.println("View Name is :" + viewName);
if (isValidView(viewName)) {
return viewName;
}
return null;
}
Regarding MainController, this is the way that I handle static pages such as www.myproject.com/index, www.myproject.com/contactus etc. My other question regarding this issue is here 关于MainController,这是我处理静态页面(如www.myproject.com/index、www.myproject.com/contactus等)的方式。有关此问题的其他问题在这里
2 个解决方案
解决方案1
3 2015-06-13 10:48:59
There are several issues in your code. 您的代码中有几个问题。 The most important one is that you are mixing the Java configuration and the XML configuration for Spring Security. 最重要的是您要混合使用Spring Security的Java配置和XML配置。 Decide which configuration you prefer to use. 确定您喜欢使用哪种配置。 In my answer, I will focus on the Java-based configuration, as I would completely remove the XML configuration from your code. 在我的回答中,我将重点介绍基于Java的配置,因为我将从您的代码中完全删除XML配置。
In your case, the @EnableWebSecurity annotation by default already registers the appropriate filters. 在您的情况下,默认情况下, @EnableWebSecurity批注已经注册了适当的过滤器。 But if your are using the Spring MVC, it should rather be @EnableWebMvcSecurity . 但是,如果您使用的是Spring MVC,则应该使用@EnableWebMvcSecurity 。
Furthermore, look at your HttpSecurity configuration: 此外,查看您的HttpSecurity配置:
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/profile/**")
.access("hasRole('ADMIN')").and().formLogin()
.loginPage("/signin").failureUrl("/signin?error")
.usernameParameter("username").passwordParameter("password")
.and().logout().logoutSuccessUrl("/index").and().csrf().and()
.exceptionHandling().accessDeniedPage("/403");
}
You are obviously telling that login page will be at /signin , but in your LoginController the mapping is for /login . 您显然是在告诉登录页面位于/signin ,但是在LoginController中,映射是针对/login 。 And what for you config the .usernameParameter("username") .passwordParameter("password") ? 以及为您配置.usernameParameter("username") .passwordParameter("password")呢? It's already done this way in Spring Security default configuration. 在Spring Security默认配置中已经通过这种方式完成了。
You should also add the SecurityInitializer class, which in Spring Security 3.2 can look like this: 您还应该添加SecurityInitializer类,该类在Spring Security 3.2中看起来可能像这样:
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
public SecurityInitializer() {
super(SecurityConfig.class);
}
}
So to sum up, the basic steps to add the Spring Security to your project is to do the following: 综上所述,将Spring Security添加到项目中的基本步骤是执行以下操作:
- Add the appropriate (Maven, Gradle) dependencies for Spring Security; 为Spring Security添加适当的(Maven,Gradle)依赖关系;
- Configure the Spring Security class annotated with
@EnableWebMvcSecurity, especially inconfigureGlobal(...)andconfigure(...)methods;配置带有@EnableWebMvcSecurity注释的Spring Security类,尤其是在configureGlobal(...)和configure(...)方法中; - Register the class extending
AbstractSecurityWebApplicationInitializer;注册扩展AbstractSecurityWebApplicationInitializer的类; - Provide the mapping for login page in your controller and write down the custom form in JSP page. 在控制器中提供登录页面的映射,并在JSP页面中写下定制表单。
The basic login form can look like this: 基本的登录表单如下所示:
<form name='loginForm' method='POST'>
<table>
<tr>
<td>User:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'><input name="submit" type="submit"
value="submit" /></td>
</tr>
</table>
<input type="hidden" name="${_csrf.parameterName}"
value="${_csrf.token}" />
</form>
These basic steps enable the Spring Security in your project. 这些基本步骤可在您的项目中启用Spring Security。 For more information, the good tutorials are: http://docs.spring.io/spring-security/site/docs/3.2.x/guides/hellomvc.html http://docs.spring.io/spring-security/site/docs/3.2.x/guides/form.html 有关更多信息,好的教程是: http : //docs.spring.io/spring-security/site/docs/3.2.x/guides/hellomvc.html http://docs.spring.io/spring-security/ site / docs / 3.2.x / guides / form.html
Good luck :) 祝好运 :)
解决方案2
1 已采纳 2015-06-19 12:29:51
I would highly suggest you to follow either Java or XML config. 我强烈建议您遵循Java或XML配置。 I personally prefer Java config. 我个人更喜欢Java配置。
- Remove all Spring Security related XML configs and create following files. 删除所有与Spring Security相关的XML配置并创建以下文件。
Amend the permission addresses to whatever you have.
将权限地址修改为您拥有的任何地址。 public class MessageSecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer { //register the springSecurityFilterChain with the war } public class MessageWebApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer { @Override protected Class<?>[] getRootConfigClasses() { return new Class[] { SecurityConfig.class }; //make sure your config file gets loaded } @Override protected Class<?>[] getServletConfigClasses() { // TODO Auto-generated method stub return null; } @Override protected String[] getServletMappings() { // TODO Auto-generated method stub return null; } @Configuration @EnableWebMvcSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { System.err.println("in here"); auth.inMemoryAuthentication().withUser("user@yahoo.com") .password("password").roles("USER"); //access to inmemory credentials } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/resources/**", "/", "/index", "/aboutus") .permitAll() //allow access to your static pages and resources .antMatchers("/profile/**") .hasRole("USER") //profile address is only available to users ( do not need to add ROLE_ as Spring does it for you) .and() //and is equivalent of end tag in XML .formLogin().loginPage("/signin").failureUrl("/signin?error") .permitAll().and().logout().logoutUrl("/singout").permitAll(); }
For further explanation and to access to DB refer to the documentation 有关更多说明和访问数据库的信息,请参考文档
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
javax.servlet.ServletException-无法解析名称为view的视图 - javax.servlet.ServletException - Could not resolve view with name
javax.servlet.ServletException:无法解析名称为的视图 - javax.servlet.ServletException: Could not resolve view with name
Spring 3 安全 j_spring_security_check - Spring 3 Security j_spring_security_check
Maven项目异常:javax.servlet.ServletException:无法解析名称为“ dispatcher”的servlet中名称为“ login”的视图 - Maven project exception : javax.servlet.ServletException: Could not resolve view with name 'login' in servlet with name 'dispatcher'
javax.servlet.ServletException:无法解析名称为“ dispatcher”的servlet中名称为“ index.html”的视图 - javax.servlet.ServletException: Could not resolve view with name 'index.html' in servlet with name 'dispatcher'
javax.servlet.ServletException:无法解析名称为“ dispatcher”的servlet中名称为“ home”的视图 - javax.servlet.ServletException: Could not resolve view with name 'home' in servlet with name 'dispatcher'
javax.servlet.ServletException:无法解析名为“appServlet”的servlet中名为“home”的视图 - javax.servlet.ServletException: Could not resolve view with name 'home' in servlet with name 'appServlet'
javax.servlet.ServletException:无法解析名称为“ dispatcherServlet”的servlet中名称为“ forward:/ index”的视图 - javax.servlet.ServletException: Could not resolve view with name 'forward:/index' in servlet with name 'dispatcherServlet'
不允许使用Spring Security j_spring_security_check进行Spring Boot - Spring boot with Spring Security j_spring_security_check not allowed
j_spring_security_check 404 - j_spring_security_check 404
相关标签