The transaction enforcement support in class Action assumes that the key will be returned in the request attributes. This is not the case with pages that require multipart support (for file uploads, for example). A direct work-around exists -- just use the generateToken() and saveToken() methods, handle schlepping the key in the form yourself, and write your own one-liner to compare the schlepped key with the stored one. It took me an embarrassingly long time to find this problem because of my (deserved) faith in Struts. <g> Maybe it should be documented, though devoting resources to fix it now is probably not necessary. -r Richard Reich http://reich.com http://calendar.yahoo.com/richard+reich
