When Node.lock is performed on a mix:lockable node, the properties defined in that node type are automatically created and set as follows:
jcr:lockOwner is set to the user ID of the user who set the lock (this is the value returned by Session.getUserID).
jcr:lockIsDeep is set to reflect whether the lock is deep or not.
When Node.unlock is performed on a locked mix:lockable node, by a user with the correct lock token (see below) these two properties are removed. The identity of the holder of the lock token does not matter (it does not have to be the lock owner). Anyone with the correct token can remove the lock.
Additionally, the content repository may give permission to some users to unlock locks for which they do not have the lock token. Typically such “lock-superuser” capability is intended to facilitate administrational clean-up of orphaned open-scoped locks.
An attempt to call lock or unlock on a node that is not mix:lockable will throw a UnsupportedRepositoryOperationException.
An attempt to lock an already locked node or unlock an already unlocked node will throw a LockException.