Merge branch 'stable-2.16' into stable-3.0

* stable-2.16:
  Create HTTP session only for login requests

Change-Id: I432b5917224f4e56c6167384ba069d7976718aee
diff --git a/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java b/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java
index ee4c72f..2c6549f 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java
@@ -145,13 +145,13 @@
     */
     HttpServletRequest httpRequest = new AnonymousHttpRequest((HttpServletRequest) incomingRequest);
     HttpServletResponse httpResponse = (HttpServletResponse) response;
-    AuthenticatedUser user = userFromRequest(httpRequest);
 
     try {
       if (isSamlPostback(httpRequest)) {
         J2EContext context = new J2EContext(httpRequest, httpResponse);
         signin(context);
       } else if (isGerritLogin(httpRequest)) {
+        AuthenticatedUser user = userFromRequest(httpRequest);
         if (user == null) {
           J2EContext context = new J2EContext(httpRequest, httpResponse);
           redirectToIdentityProvider(context);
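Review bot: The relocated `AuthenticatedUser user = userFromRequest(httpRequest);` line inside the `isGerritLogin` branch carries no comment explaining why the lookup is scoped there, so a later cleanup could hoist it back above the `try` and, going by the commit title, bring back session creation for every filtered request. I would add above it `// Resolve the user only for login requests; userFromRequest may create an HTTP session.` The body of `userFromRequest` is not in this hunk, so it is worth confirming that it is the only place a session gets allocated. Any branch after this hunk that reads the session should use `getSession(false)`, so that unauthenticated traffic cannot allocate sessions. The enclosing method starts and ends outside the hunk.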