Monday, September 15, 2003 07:31 AM
Actually it is neither simple, nor silly!
The way http works, you cannot prevent the client from re-submitting. So you have to guard against it on the server side. The Struts API provides a 'token' for this; otherwise I think you have to code it yourself (unless there's some taglib somewhere?).
I think basically you do a cycle, of set, check, and clear, on a semi-random 'token' of some sort, in the session and in a hidden field on the jsp response, to track whether this is the first time this form has been submitted or not.
E.g. you get a request for a page which is a jsp form. You generate a new 'token', set it in session scope (I guess this has to be synchronized), and render it in a hidden field on the jsp. Then when the user submits the form, you get the hidden field parameter and compare it against the synchronize token. If it matches, you have a good, first-time request from that form, so you immediately clear the token in the session (maybe you want to do both test + clear "atomically", in the same synchronized method). Then if a new request comes in afterwards, with the same token e.g. a re-submit of the same page, it will no longer match the token in the session (that you just cleared), so you know to disregard it.