I once interviewed one developer and he told me about the project he was worked in the past where they handled exactly this problem. They used separate backend daemon process which would maintain persistent database connections each of them tied to individual user session. This way it was no brainer to use transactions and locks across multiple HTTP requests.
As a matter of fact, merlyn has a column on that. However, it's not scalable for large systems because it requires so many resources to be kept alive on the server side for every client. It also makes failover between servers impossible.