diff --git a/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java b/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java
index 8a4165b3f3..372dabc9e2 100644
--- a/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java
+++ b/web/src/main/java/org/springframework/security/web/context/SaveContextOnUpdateOrErrorResponseWrapper.java
@@ -203,16 +203,14 @@ public abstract class SaveContextOnUpdateOrErrorResponseWrapper extends HttpServ
 this.delegate.write(b);
 }
- @Override
 public void flush() throws IOException {
 doSaveContext();
- super.flush();
+ delegate.flush();
 }
- @Override
 public void close() throws IOException {
 doSaveContext();
- super.close();
+ delegate.close();
 }
 }
 }
diff --git a/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java b/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java
index 19e61b6060..75f634b975 100644
--- a/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java
+++ b/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java
@@ -16,6 +16,8 @@ import static org.junit.Assert.*;
 import static org.mockito.Mockito.*;
 import static org.springframework.security.web.context.HttpSessionSecurityContextRepository.*;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import org.junit.After;
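Review bot: In SaveContextOnUpdateOrErrorResponseWrapper.java the hunk drops `@Override` from `flush()` and `close()` although both still override the stream's methods; I would keep the annotation, because these two methods are the hook that calls `doSaveContext()`, and a later signature drift would otherwise silently stop the security context from being saved on flush or close. The new calls are written `delegate.flush()` and `delegate.close()` while the context line above uses `this.delegate.write(b)`; `this.delegate.flush();` and `this.delegate.close();` would match. A one-line comment on each method such as `// save the SecurityContext first, then hand off to the wrapped stream` would record that the order is deliberate (presumably the context has to be stored before the response is committed). The enclosing class starts outside the hunk.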
@@ -257,6 +259,38 @@ public class HttpSessionSecurityContextRepositoryTests {
 assertEquals(SecurityContextHolder.getContext(), request.getSession().getAttribute("imTheContext"));
 }
+ // SEC-SEC-2055
+ @Test
+ public void outputStreamCloseDelegate() throws Exception {
+ HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
+ repo.setSpringSecurityContextKey("imTheContext");
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ HttpServletResponse response = mock(HttpServletResponse.class);
+ ServletOutputStream outputstream = mock(ServletOutputStream.class);
+ when(response.getOutputStream()).thenReturn(outputstream);
+ HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
+ SecurityContextHolder.setContext(repo.loadContext(holder));
+ SecurityContextHolder.getContext().setAuthentication(testToken);
+ holder.getResponse().getOutputStream().close();
+ verify(outputstream).close();
+ }
+
+ // SEC-SEC-2055
+ @Test
+ public void outputStreamFlushesDelegate() throws Exception {
+ HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
+ repo.setSpringSecurityContextKey("imTheContext");
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ HttpServletResponse response = mock(HttpServletResponse.class);
+ ServletOutputStream outputstream = mock(ServletOutputStream.class);
+ when(response.getOutputStream()).thenReturn(outputstream);
+ HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
+ SecurityContextHolder.setContext(repo.loadContext(holder));
+ SecurityContextHolder.getContext().setAuthentication(testToken);
+ holder.getResponse().getOutputStream().flush();
+ verify(outputstream).flush();
+ }
+
 @Test
 public void noSessionIsCreatedIfSessionWasInvalidatedDuringTheRequest() throws Exception {
 HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
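Review bot: Both new tests verify only that the mocked stream receives `close()` or `flush()`; neither checks that the security context was still saved, which is the other half of what the wrapped stream is for. Adding `assertEquals(SecurityContextHolder.getContext(), request.getSession().getAttribute("imTheContext"));` after each `verify(...)`, the same assertion the preceding test uses, would pin both behaviours, assuming the wrapper still stores the context in the session at that point. The comment `// SEC-SEC-2055` repeats its prefix and probably should read `// SEC-2055`, and `outputStreamCloseDelegate` would match its sibling better as `outputStreamClosesDelegate`.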