Before a form is sent to the User in your action class make a saveToken(request) call. When the form is displayed on the client side there is a token attached which is sent along with the form on a submit by the Client
When a call is received the token (sent by the Client) is compared with it's contents in Session
via the isValidToken() which return true if there is a match else it returns false.
In summary
before sending form to user issue saveToken(request)
and before processing issue a isValidToken() to see if the token is valid
HTH
Manglu
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
