Merge branch 'stable-3.0' into stable-3.1 * stable-3.0: Create HTTP session only for login requests Change-Id: Ib0c8e2a2a5fa0c153de294df4b04e612bf25bed4

commit: 464dd5c4325ced2cd413975da7ad198015407f01 [log] [tgz]
author: Luca Milanesio <luca.milanesio@gmail.com> Thu Dec 15 22:29:20 2022 +0000
committer: Luca Milanesio <luca.milanesio@gmail.com> Thu Dec 15 22:29:20 2022 +0000
tree: 0f5669c4206455bb0b8ca42aab432ace6711d869
parent: 1b92449cd851360658e4cf5f0dc1215a7279f378 [diff]
parent: 791f74b69b21e25a7a9d06d1d996cacb287b8559 [diff]
diff --git a/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java b/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java
index ee4c72f..2c6549f 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/saml/SamlWebFilter.java

@@ -145,13 +145,13 @@
     */
     HttpServletRequest httpRequest = new AnonymousHttpRequest((HttpServletRequest) incomingRequest);
     HttpServletResponse httpResponse = (HttpServletResponse) response;
-    AuthenticatedUser user = userFromRequest(httpRequest);
 
     try {
       if (isSamlPostback(httpRequest)) {
         J2EContext context = new J2EContext(httpRequest, httpResponse);
         signin(context);
       } else if (isGerritLogin(httpRequest)) {
+        AuthenticatedUser user = userFromRequest(httpRequest);
         if (user == null) {
           J2EContext context = new J2EContext(httpRequest, httpResponse);
           redirectToIdentityProvider(context);
commit	464dd5c4325ced2cd413975da7ad198015407f01	[log] [tgz]
author	Luca Milanesio <luca.milanesio@gmail.com>	Thu Dec 15 22:29:20 2022 +0000
committer	Luca Milanesio <luca.milanesio@gmail.com>	Thu Dec 15 22:29:20 2022 +0000
tree	0f5669c4206455bb0b8ca42aab432ace6711d869
parent	1b92449cd851360658e4cf5f0dc1215a7279f378 [diff]
parent	791f74b69b21e25a7a9d06d1d996cacb287b8559 [diff]