diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java
index bc3053808f..0a77d570a2 100755
--- a/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java
@@ -148,6 +148,7 @@ public abstract class AbstractPreAuthenticatedProcessingFilter extends GenericFi
 if (session != null) {
 logger.debug("Invalidating existing session");
 session.invalidate();
+ request.getSession();
 }
 }
diff --git a/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java b/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java
index d6dd36312c..8d2e6d0b72 100644
--- a/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java
+++ b/web/src/main/java/org/springframework/security/web/session/SessionManagementFilter.java
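Review bot: In AbstractPreAuthenticatedProcessingFilter the added `request.getSession();` discards its return value and has no comment, so it reads like a leftover and could be removed by a later cleanup. If the intent is, as it appears, to replace the invalidated session with a fresh one (new id, nothing carried over from the previous principal) before the rest of the filter chain runs, state that above the call, e.g. `// Create a new session so later filters see a valid session rather than the invalidated id`. The debug message just above still only says "Invalidating existing session" and could mention the new session as well. It is also worth confirming that creating a session here is wanted in deployments that otherwise avoid session creation, since the call is unconditional once an old session existed. The enclosing method starts and ends outside this hunk.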
@@ -105,12 +105,12 @@ public class SessionManagementFilter extends GenericFilterBean {
 * Sets the strategy object which handles the session management behaviour when a
 * user has been authenticated during the current request.
 *
- * @param sessionStrategy the strategy object. If not set, a {@link SessionFixationProtectionStrategy} is used.
+ * @param sessionAuthenticationStrategy the strategy object. If not set, a {@link SessionFixationProtectionStrategy} is used.
 * @deprecated Use constructor injection
 */
 @Deprecated
 public void setSessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
- Assert.notNull(sessionAuthenticationStrategy, "authenticatedSessionStratedy must not be null");
+ Assert.notNull(sessionAuthenticationStrategy, "authenticatedSessionStrategy must not be null");
 this.sessionAuthenticationStrategy = sessionAuthenticationStrategy;
 }
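Review bot: The corrected assertion message in SessionManagementFilter still names `authenticatedSessionStrategy`, which is neither the parameter nor the field; the spelling is fixed but the identifier is not. Since the Javadoc `@param` in the same hunk was aligned to the real name, the message should match it: `Assert.notNull(sessionAuthenticationStrategy, "sessionAuthenticationStrategy must not be null");`. A misnamed argument in a null-check failure makes a misconfigured session strategy harder to trace from the stack trace alone.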