With this commit(1), calls to Sessions.getOrCreateSession() from
within a handler where no session cookie was sent with the request
result in a new Session being created every time, with the last
Session created actually being the one stored when the exchange is
completed.

This means that the following in a handler results in "foo" not being
in the session on the next request:

Sessions.getOrCreateSession(exchange).setAttribute("foo", "bar");
Sessions.getOrCreateSession(exchange);

Before (1), the second getOrCreateSession() call would return the same
Session object as the first call, not overwriting the one already
attached to the request, and "foo" would be preserved.

(1): https://github.com/undertow-io/undertow/commit/a97fec29f379fff6cb5a74ae9a39177a9c36d4ae