diff --git a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
index e1ad396e8a..9faa914736 100644
--- a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
@@ -405,6 +405,7 @@ public class AbstractAuthenticationProcessingFilterTests extends TestCase {
         // Reject authentication, so exception would normally be stored in session
         MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
         filter.setAllowSessionCreation(false);
+        failureHandler.setAllowSessionCreation(false);
         filter.setAuthenticationFailureHandler(failureHandler);
         successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
         filter.setAuthenticationSuccessHandler(successHandler);