Please don't use Struts 1.
It is past End of Life and no longer supported. That means that there will be no security updates or bug fixes going forward.
There is at least one critical security issue in all production versions, including 1.3.10: STR-3220. This allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method.
Struts 1.x has some architectural issues that make it more difficult to develop with compared to more "modern" frameworks:
For example, the fact that a Struts Action must extend org.apache.struts.action.Action. Since Java does not permit multiple inheritance, this means that no matter how similar your Actions, one cannot create a superclass of their own for them.
Another example is the requirement that one create a subclass FormBean for every form. In practical terms, this means one will end up duplicating their domain objects for the front end and have to create code to convert the domain objects into front end objects and vice versa. DynaActionForm is a partial remedy, in that one doesn't have to create a new class for each form, but one still has to go through the trouble of converting their domain objects to/from the DynaActionForm.
You totally ruined the moon. You're gonna hafta pay for that you know. This tiny ad agrees:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop