The main problem that tokens are trying to solve is the one of double submissions of forms. Interestingly enough, it can also be used to handle the "back" and "forward" button behavior. The concept basically works around the fact that struts assigns tokens to each page it serves (forms) expecting those token back. If the token is not valid, then you know a double submission took place. It basically works around the following 3 methods (which can be used within any Action Class)
* saveToken(HttpServletRequest req)
* isTokenValid(HttpServletRequest req)
* resetToken(HttpServletRequest req)
Take a look at:
for examples. Hope this helps!