Hi mr. temp.temp 1. The Action calls saveToken(request); 2. A unique token will be generated and saved in the session and in the jsp as a hidden field. 3. The next action calls |*isTokenValid <http://struts.apache.org/struts-doc-1.2.x/api/org/apache/struts/action/Action.html#isTokenValid%28javax.servlet.http.HttpServletRequest,%20boolean%29>(request, true); 4. If the token in the request match the token in the session everything is alright. Otherwise the user has gone back and the token in the request is not valid. 5. True means, the token will be reseted. Otherwise you have to reset it on your own with the method resetToken(request).
Manfred*| --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
