diff --git a/core/src/main/java/org/acegisecurity/ui/webapp/HttpSessionIntegrationFilter.java b/core/src/main/java/org/acegisecurity/ui/webapp/HttpSessionIntegrationFilter.java
index 685f9e3e27..bb8673472f 100644
--- a/core/src/main/java/org/acegisecurity/ui/webapp/HttpSessionIntegrationFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/webapp/HttpSessionIntegrationFilter.java
@@ -92,7 +92,8 @@ public class HttpSessionIntegrationFilter extends AbstractIntegrationFilter {
 
     public void commitToContainer(ServletRequest request,
         Authentication authentication) {
-        if (request instanceof HttpServletRequest) {
+        if (request instanceof HttpServletRequest
+            && ((HttpServletRequest) request).isRequestedSessionIdValid()) {
             HttpSession httpSession = ((HttpServletRequest) request).getSession();
 
             if (httpSession != null) {
diff --git a/core/src/test/java/org/acegisecurity/MockHttpServletRequest.java b/core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
index 05726d2ee8..74d4e6a75f 100644
--- a/core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
+++ b/core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
@@ -270,7 +270,7 @@ public class MockHttpServletRequest implements HttpServletRequest {
     }
 
     public boolean isRequestedSessionIdValid() {
-        throw new UnsupportedOperationException("mock method not implemented");
+        return true;
     }
 
     public void setScheme(String scheme) {