From 380a6a2564daecb5720405eaced2ea74222ae795 Mon Sep 17 00:00:00 2001
From: Josh Cummings <josh.cummings@gmail.com>
Date: Wed, 5 Oct 2022 23:59:14 -0600
Subject: [PATCH] Polish SecurityContextHolderStrategy Usage

- Add to HttpSessionSecurityContextRepository#saveContext

Issue gh-11060
---
 .../web/context/HttpSessionSecurityContextRepository.java       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
index afc6035e5d..100c11bb53 100644
--- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
@@ -142,7 +142,7 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo
 				SaveContextOnUpdateOrErrorResponseWrapper.class);
 		if (responseWrapper == null) {
 			boolean httpSessionExists = request.getSession(false) != null;
-			SecurityContext initialContext = SecurityContextHolder.createEmptyContext();
+			SecurityContext initialContext = this.securityContextHolderStrategy.createEmptyContext();
 			responseWrapper = new SaveToSessionResponseWrapper(response, request, httpSessionExists, initialContext);
 		}
 		responseWrapper.saveContext(context);