spring-projects · pferraro · Nov 21, 2020
diff --git a/...sion-core/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java b/...sion-core/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java
@@ -221,11 +221,16 @@ private void commitSession() {
 			}
 			else {
 				S session = wrappedSession.getSession();
-				clearRequestedSessionCache();
-				SessionRepositoryFilter.this.sessionRepository.save(session);
 				String sessionId = session.getId();
-				if (!isRequestedSessionIdValid() || !sessionId.equals(getRequestedSessionId())) {
-					SessionRepositoryFilter.this.httpSessionIdResolver.setSessionId(this, this.response, sessionId);
+				try {
+					boolean sendSessionId = !isRequestedSessionIdValid() || !sessionId.equals(getRequestedSessionId());
+					SessionRepositoryFilter.this.sessionRepository.save(session);
+					if (sendSessionId) {
+						SessionRepositoryFilter.this.httpSessionIdResolver.setSessionId(this, this.response, sessionId);
+					}
+				}
+				finally {
+					clearRequestedSessionCache();
 				}
 			}
 		}

diff --git a/...core/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java b/...core/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java
@@ -1313,8 +1313,8 @@ public void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrap
 			}
 		});
 
-		// 3 invocations expected: initial resolution, after invalidation, after commit
-		verify(sessionRepository, times(3)).findById(eq(session.getId()));
+		// 3 invocations expected: initial resolution, after invalidation
+		verify(sessionRepository, times(2)).findById(eq(session.getId()));
 		verify(sessionRepository).deleteById(eq(session.getId()));
 		verify(sessionRepository).createSession();
 		verify(sessionRepository).save(any());