This text is from core j2ee patterns [1]: Synchronizer Token
This strategy addresses the problem of duplicate form submissions. A synchronizer token is set in a user's session and included with each form returned to the client. When that form is submitted, the synchronizer token in the form is compared to the synchronizer token in the session. The tokens should match the first time the form is submitted. If the tokens do not match, then the form submission may be disallowed and an error returned to the user. Token mismatch may occur when the user submits a form, then clicks the Back button in the browser and attempts to resubmit the same form. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995032#3995032 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3995032 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
