8.1.11 Handling Duplicate Form Submissions

Grails has built-in support for handling duplicate form submissions using the "Synchronizer Token Pattern". To get started you define a token on the form tag:

  1. <g:form useToken="true" ...>

Then in your controller code you can use the withForm method to handle valid and invalid requests:

  1. withForm {
  2.    // good request
  3. }.invalidToken {
  4.    // bad request
  5. }

If you only provide the withForm method and not the chained invalidToken method then by default Grails will store the invalid token in a flash.invalidToken variable and redirect the request back to the original page. This can then be checked in the view:

  1. <g:if test="${flash.invalidToken}">
  2.   Don't click the button twice!
  3. </g:if>
The withForm tag makes use of the session and hence requires session affinity or clustered sessions if used in a cluster.