Spring Security No session is created during IdP initiated SSO.

Expected Behavior

The session must be created during IdP initiated SSO.

Current Behavior

During IdP initiated SSO no session is created and because of this even after successful authorization, Spring Security initializes SP initiated SSO.

Context

With SP initiated SSO, a session is created in the HttpSessionSaml2AuthenticationRequestRepository#saveAuthenticationRequest method, which creates a cookie and saves all authorization data after successful authorization.