Session.Abandon and Session ID

Created 2001-04-03.

Question:

I call Session.Abandon after a person completes an order. The users session is expired and they have to relogin. Great! The issue is that the sessionID stays the same. From what I understand, this is suppose to change every time a new session is created. Is this true?

Answer:

Session.Abandon only releases the memory used by session variables and frees the server resources used by that session. Session ID is stored on the client side (as a cookie) and is unaffected by the Abandon method. As such, the session effectively restarts, but retains the session ID.

 

Back to Non-Printer Version