What is the difference between Session.Abandon() and Session.Clear()
What is the difference between destroying a session and removing its values? Can you please provide an example demonstrating this?
I searched for this question, but don't grasp total answer. Some answers are:
-
Session.Abandon()
destroys the session -
Session.Clear()
just removes all values
A friend told me this:
Clearing the session will not unset the session, it still exists with the same ID for the user but with the values simply cleared.
Abandon will destroy the session completely, meaning that you need to begin a new session before you can store any more values in the session for that user.
The below code works and doesn't throw any exceptions.
Session.Abandon();
Session["tempKey1"] = "tempValue1";
When you Abandon() a Session, you (or rather the user) will get a new SessionId
When I test Session, it doesn't makes any change when I Abandon the session.
I just find one difference:
session.Abandon()
raises Session_End
event
Clear - Removes all keys and values from the session-state collection.
Abandon - removes all the objects stored in a Session. If you do not call the Abandon method explicitly, the server removes these objects and destroys the session when the session times out.
It also raises events like Session_End.
Session.Clear can be compared to removing all books from the shelf, while Session.Abandon is more like throwing away the whole shelf.
You say:
When I test Session, it doesn't makes any change when I Abandon the session.
This is correct while you are doing it within one request only.
On the next request the session will be different. But the session ID can be reused so that the id will remain the same.
If you will use Session.Clear you will have the same session in many requests.
Generally, in most cases you need to use Session.Clear.
You can use Session.Abandon if you are sure the user is going to leave your site.
So back to the differences:
- Abandon raises Session_End request.
- Clear removes items immidiately, Abandon does not.
- Abandon releases the SessionState object and its items so it can ba garbage collected to free the resources. Clear keeps SessionState and resources associated with it.
When you Abandon()
a Session, you (or rather the user) will get a new SessionId (on the next request).
When you Clear()
a Session, all stored values are removed, but the SessionId stays intact.
This is sort of covered by the various responses above, but the first time I read this article I missed an important fact, which led to a minor bug in my code...
Session.Clear()
will CLEAR the values of all the keys but will NOT cause the session end event to fire.
Session.Abandon()
will NOT clear the values on the current request. IF another page is requested, the values will be gone for that one. However, abandon WILL throw the event.
So, in my case (and perhaps in yours?), I needed Clear()
followed by Abandon()
.
this code works and dont throw any exception:
Session.Abandon(); Session["tempKey1"] = "tempValue1";
It's because when the Abandon method is called, the current Session object is queued for deletion but is not actually deleted until all of the script commands on the current page have been processed. This means that you can access variables stored in the Session object on the same page as the call to the Abandon method but not in any subsequent Web pages.
For example, in the following script, the third line prints the value Mary. This is because the Session object is not destroyed until the server has finished processing the script.
<%
Session.Abandon
Session("MyName") = "Mary"
Reponse.Write(Session("MyName"))
%>
If you access the variable MyName on a subsequent Web page, it is empty. This is because MyName was destroyed with the previous Session object when the page containing the previous example finished processing.
from MSDN Session.Abandon
Clearing a session removes the values that were stored there, but you still can add new ones there. After destroying the session you cannot add new values there.