Both Session.Clear() and Session.Abandon() get rid of session variables. As I understand it, Abandon() ends the current session, and causes a new session to be created thus causing the End and Start events to fire.
It seems preferable to call Abandon() in most cases, such as logging a user out. Are there scenarios where I'd use Clear() instead? Is there much of a performance difference?
Session.Abandon() destroys the session and the Session_OnEnd event is triggered.
Session.Clear() just removes all values (content) from the Object. The session with the same key is still alive.
So, if you use Session.Abandon(), you lose that specific session and the user will get a new session key. You could use it for example when the user logs out.
Use Session.Clear(), if you want that the user remaining in the same session (if you don't want him to relogin for example) and reset all his session specific data.
I had this issue and tried both, but had to settle for removing crap like "pageEditState", but not removing user info lest I have to look it up again.
public static void RemoveEverythingButUserInfo()
{
foreach (String o in HttpContext.Current.Session.Keys)
{
if (o != "UserInfoIDontWantToAskForAgain")
keys.Add(o);
}
}
I'm still not sure what a real world example is where you'd use Session.Abondon(). Session.Clear() I can understand...if the user clicks your logout link and you take them to your "you've been logged out" page....their browser session is still continuing but you want to remove the info stored in the session. If you abondoned the session then a new session would be created straight away for the "you've been logged out" page.