ASP.NET session corresponds to browser session – it is independent of whether user is authenticated (logged in) or not. So you should not have any issue with regards to guest/member sessions. I would advise you to expose the current shopping cart via static accessor property – for example
Class ShoppingCart {
public static ShoppingCart Current
{
get
{
var cart = HttpContext.Current.Session["Cart"] as ShoppingCart;
if (null == cart)
{
cart = new ShoppingCart();
HttpContext.Current.Session["Cart"] = cart;
}
return cart;
}
}
... // rest of the code
}
Few things to consider here:
- Whenever web application or web server recycles/restarts, your in-process sessions would lost. It means you need persist your session in database at appropriate point.
- You may use out of process session storage (database or different server) – you have to mark your shopping cart class as serializable in such case. There is performance cost to out-of-process sessions. As such, you are already storing session in database, so IMO, you should use in-proc sessions making sure to write dirty sessions into the database as soon as possible.