|  | @@ -27,6 +27,7 @@ import org.apache.commons.logging.Log;
 | 
	
		
			
				|  |  |  import org.junit.jupiter.api.AfterEach;
 | 
	
		
			
				|  |  |  import org.junit.jupiter.api.BeforeEach;
 | 
	
		
			
				|  |  |  import org.junit.jupiter.api.Test;
 | 
	
		
			
				|  |  | +import org.mockito.ArgumentCaptor;
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  import org.springframework.mock.web.MockFilterConfig;
 | 
	
		
			
				|  |  |  import org.springframework.mock.web.MockHttpServletRequest;
 | 
	
	
		
			
				|  | @@ -34,14 +35,17 @@ import org.springframework.mock.web.MockHttpServletResponse;
 | 
	
		
			
				|  |  |  import org.springframework.security.authentication.AuthenticationManager;
 | 
	
		
			
				|  |  |  import org.springframework.security.authentication.BadCredentialsException;
 | 
	
		
			
				|  |  |  import org.springframework.security.authentication.InternalAuthenticationServiceException;
 | 
	
		
			
				|  |  | +import org.springframework.security.authentication.TestAuthentication;
 | 
	
		
			
				|  |  |  import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 | 
	
		
			
				|  |  |  import org.springframework.security.core.Authentication;
 | 
	
		
			
				|  |  |  import org.springframework.security.core.AuthenticationException;
 | 
	
		
			
				|  |  |  import org.springframework.security.core.authority.AuthorityUtils;
 | 
	
		
			
				|  |  | +import org.springframework.security.core.context.SecurityContext;
 | 
	
		
			
				|  |  |  import org.springframework.security.core.context.SecurityContextHolder;
 | 
	
		
			
				|  |  |  import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServicesTests;
 | 
	
		
			
				|  |  |  import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
 | 
	
		
			
				|  |  |  import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
 | 
	
		
			
				|  |  | +import org.springframework.security.web.context.SecurityContextRepository;
 | 
	
		
			
				|  |  |  import org.springframework.security.web.firewall.DefaultHttpFirewall;
 | 
	
		
			
				|  |  |  import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 | 
	
		
			
				|  |  |  import org.springframework.security.web.util.matcher.RequestMatcher;
 | 
	
	
		
			
				|  | @@ -322,6 +326,37 @@ public class AbstractAuthenticationProcessingFilterTests {
 | 
	
		
			
				|  |  |  		assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
 | 
	
		
			
				|  |  |  	}
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | +	@Test
 | 
	
		
			
				|  |  | +	public void testSuccessfulAuthenticationThenDefaultDoesNotCreateSession() throws Exception {
 | 
	
		
			
				|  |  | +		Authentication authentication = TestAuthentication.authenticatedUser();
 | 
	
		
			
				|  |  | +		MockHttpServletRequest request = new MockHttpServletRequest();
 | 
	
		
			
				|  |  | +		MockHttpServletResponse response = new MockHttpServletResponse();
 | 
	
		
			
				|  |  | +		MockFilterChain chain = new MockFilterChain(false);
 | 
	
		
			
				|  |  | +		MockAuthenticationFilter filter = new MockAuthenticationFilter();
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +		filter.successfulAuthentication(request, response, chain, authentication);
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +		assertThat(request.getSession(false)).isNull();
 | 
	
		
			
				|  |  | +	}
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +	@Test
 | 
	
		
			
				|  |  | +	public void testSuccessfulAuthenticationWhenCustomSecurityContextRepositoryThenAuthenticationSaved()
 | 
	
		
			
				|  |  | +			throws Exception {
 | 
	
		
			
				|  |  | +		ArgumentCaptor<SecurityContext> contextCaptor = ArgumentCaptor.forClass(SecurityContext.class);
 | 
	
		
			
				|  |  | +		SecurityContextRepository repository = mock(SecurityContextRepository.class);
 | 
	
		
			
				|  |  | +		Authentication authentication = TestAuthentication.authenticatedUser();
 | 
	
		
			
				|  |  | +		MockHttpServletRequest request = new MockHttpServletRequest();
 | 
	
		
			
				|  |  | +		MockHttpServletResponse response = new MockHttpServletResponse();
 | 
	
		
			
				|  |  | +		MockFilterChain chain = new MockFilterChain(false);
 | 
	
		
			
				|  |  | +		MockAuthenticationFilter filter = new MockAuthenticationFilter();
 | 
	
		
			
				|  |  | +		filter.setSecurityContextRepository(repository);
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +		filter.successfulAuthentication(request, response, chain, authentication);
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +		verify(repository).saveContext(contextCaptor.capture(), eq(request), eq(response));
 | 
	
		
			
				|  |  | +		assertThat(contextCaptor.getValue().getAuthentication()).isEqualTo(authentication);
 | 
	
		
			
				|  |  | +	}
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  |  	@Test
 | 
	
		
			
				|  |  |  	public void testFailedAuthenticationInvokesFailureHandler() throws Exception {
 | 
	
		
			
				|  |  |  		// Setup our HTTP request
 |