(Based on Junilu's nice description at
https://coderanch.com/t/48839/Struts/Preventing-multiple-posts)
On initial request:
call saveToken(request) in your Action classforward to the JSP displaying the form
On form submit:
have the Action check if isTokenValid(request)if true, process request then call resetToken(); otherwise, we're dealing with a double-submit and will skip processing it.
What's happening under the hood:
Struts will generate a unique value (the token) and keep it in the session contextWhen the JSP is rendered, Struts inserts the token as a hidden fieldThe hidden field token is submitted along with the rest of the form and isValidToken() checks the value that came in with the current request against the value that was saved in the session context by the most recent saveToken() call. If the two token values match, the submission is valid.
<< Back to
StrutsFaq