diff -u b/core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php b/core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php
--- b/core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php
+++ b/core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php
@@ -52,6 +52,7 @@
 
     // Test that the route is not accessible as an anonymous user.
     $this->drupalGet($protected_url);
+    $session = $this->getSession();
     $this->assertResponse(401, 'An anonymous user cannot access a route protected with basic authentication.');
 
     // We should be able to access the route with basic authentication.
@@ -59,14 +60,14 @@
     $this->assertResponse(200, 'A route protected with basic authentication can be accessed by an authenticated user.');
 
     // Check that the correct user is logged in.
-    $this->assertEqual($this->user->id(), json_decode($this->getSession()->getPage()->getContent())->user, 'The correct user is authenticated on a route with basic authentication.');
-    $this->getSession()->restart();
+    $this->assertEqual($this->user->id(), json_decode($session->getPage()->getContent())->user, 'The correct user is authenticated on a route with basic authentication.');
+    $session->restart();
 
     // If we now try to access a page without basic authentication then we
     // should no longer be logged in.
     $this->drupalGet($unprotected_url);
     $this->assertResponse(200, 'An unprotected route can be accessed without basic authentication.');
-    $this->assertFalse(json_decode($this->getSession()->getPage()->getContent())->user, 'The user is no longer authenticated after visiting a page without basic authentication.');
+    $this->assertFalse(json_decode($session->getPage()->getContent())->user, 'The user is no longer authenticated after visiting a page without basic authentication.');
 
     // If we access the protected page again without basic authentication we
     // should get 401 Unauthorized.
diff -u b/core/modules/system/tests/src/Functional/Session/SessionTest.php b/core/modules/system/tests/src/Functional/Session/SessionTest.php
--- b/core/modules/system/tests/src/Functional/Session/SessionTest.php
+++ b/core/modules/system/tests/src/Functional/Session/SessionTest.php
@@ -95,18 +95,19 @@
     // properly, val_1 will still be set.
     $value_2 = $this->randomMachineName();
     $this->drupalGet('session-test/no-set/' . $value_2);
+    $session = $this->getSession();
     $this->assertText($value_2, 'The session value was correctly passed to session-test/no-set.', 'Session');
     $this->drupalGet('session-test/get');
     $this->assertText($value_1, 'Session data is not saved for drupal_save_session(FALSE).', 'Session');
 
     // Switch browser cookie to anonymous user, then back to user 1.
     $session_cookie_name = $this->getSessionName();
-    $session_cookie_value = $this->getSession()->getCookie($session_cookie_name);
-    $this->getSession()->restart();
+    $session_cookie_value = $session->getCookie($session_cookie_name);
+    $session->restart();
     $this->initFrontPage();
     // Session restart always resets all the cookies by design, so we need to
     // add the old session cookie again.
-    $this->getSession()->setCookie($session_cookie_name, $session_cookie_value);
+    $session->setCookie($session_cookie_name, $session_cookie_value);
     $this->drupalGet('session-test/get');
     $this->assertText($value_1, 'Session data persists through browser close.', 'Session');
     $this->mink->setDefaultSessionName('default');