In Broadleaf, both SessionOrderLockManager and DatabaseOrderLockManager can be used by CartStateFilter to serialize user requests.
It appears that the former locks on the session associated with the request, and the latter locks on the order embedded in the request body.
My question is that, why both implementations exist? Are there differences in the provided semantics? Are there scenarios where session-based locks won't suffice? (I found through git history that the database lock implementation is introduced after.)
Many thanks!
p.s. I'm not familiar with HTTP sessions. Please correct me if any statement is wrong.
[Edit] Here's another related question: why use locks at all? It seems that marking the service methods @Transactional suffices.
