Session created by default handlers on stateless firewalls

### Symfony version(s) affected

6.3

### Description

Tests are broken on [that project](https://github.com/hwi/HWIOAuthBundle/pull/1938) since Symfony 6.0 and after more investigation I found that Symfony is starting the session in `DefaultAuthenticationSuccessHandler::onAuthenticationSuccess()` when `determineTargetUrl()` read the session to get the target URL, even if the firewall is marked as stateless.

This result in the error:
> Session was used while the request was declared stateless.

### How to reproduce

Setup a stateless firewall using `DefaultAuthenticationSuccessHandler`.

See failing test here: https://github.com/hwi/HWIOAuthBundle/pull/1938

### Possible Solution

_No response_

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Session created by default handlers on stateless firewalls #51319

Symfony version(s) affected

Description

How to reproduce

Possible Solution

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Session created by default handlers on stateless firewalls #51319

Description

Symfony version(s) affected

Description

How to reproduce

Possible Solution

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions