Rating: 

Chances are you're not going to like my answer here. This is one of those topics that can cause countries to go to war over. I have a co-worker that is a PHD Human Factors guy. He's done a ton of research around the area of the back button and how this should or shouldn't be used in a web application. Before he explained his findings to me, I would have said that the back button should be removed, disabled, etc. However, his research indicates that users expect it to work like you would imagine and therefore, being good application developers, we have to deal with it.

There's a couple of things you can do. One, disable caching. This is important for many reasons, not to mention stale data or showing sensitive data. Imagine walking into a public library and seeing a browser left open and you sit down and hit the back button a few times and see the previous user's banking information; not good. So you really should consider disabling caching. There are several steps neccessary, struts-config setting and JSP pages settings possibly.

The next thing to consider is that when the back button is pressed, the previous action will be executed. So you have to make sure to deal with that and all of the ramifications.

Rather than rehash what many other Struts users have asked about and received suggestions on, I'll include this "long" link that will list many of those already discussed threads.

Make sure to paste all of it into the browser or it will not work correctly. Once pasted into the browser, there should be no spaces between the lines.

http://nagoya.apache.org/eyebrowse/SearchList?listId=&listName=struts-user@jakarta.apache.org&searchText=%22back+button%22&defaultField=subject&Search=Search