SEC-1429: Fix test. Wasn't setting allowSessionCreation=false on failure handler.

2025-07-09 20:03:30 +00:00 · 2010-03-11 02:30:17 +00:00 · 2010-03-11 02:30:17 +00:00 · 677576ea8b
commit 677576ea8b
parent 91153df78d
1 changed files with 1 additions and 0 deletions
--- a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
@ -405,6 +405,7 @@ public class AbstractAuthenticationProcessingFilterTests extends TestCase {
        // Reject authentication, so exception would normally be stored in session
        MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
        filter.setAllowSessionCreation(false);
+        failureHandler.setAllowSessionCreation(false);
        filter.setAuthenticationFailureHandler(failureHandler);
        successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        filter.setAuthenticationSuccessHandler(successHandler);