From 677576ea8b6ca0d339d0728dbd5773ca24e761bf Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Thu, 11 Mar 2010 02:30:17 +0000
Subject: [PATCH] SEC-1429: Fix test. Wasn't setting allowSessionCreation=false
 on failure handler.

---
 .../AbstractAuthenticationProcessingFilterTests.java             | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
index e1ad396e8a..9faa914736 100644
--- a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java
@@ -405,6 +405,7 @@ public class AbstractAuthenticationProcessingFilterTests extends TestCase {
         // Reject authentication, so exception would normally be stored in session
         MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
         filter.setAllowSessionCreation(false);
+        failureHandler.setAllowSessionCreation(false);
         filter.setAuthenticationFailureHandler(failureHandler);
         successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
         filter.setAuthenticationSuccessHandler(successHandler);