You really can’t. There are Struts discussions here with recommended settings here. And this discussion refers to the WebObjects docs here.

You also can’t reliably display a “Warning: Page has Expired” IE message, as discussed here.

Overall it seems like transaction tokens are a recommended solution, but I was surprised that no one mentioned Struts Workflow.