The SiteControl system has a base concept of a user which includes the users
name, persistent attributes (which are persistent via session), and support
for user logout.
It is assumed that you will be working from mod_perl, and some of the methods
require an Apache request object. The request object is used by some methods to
coordinate access to the actual session information in the underlying system
(for storing attributes and implementing logout).
User objects are created by a factory (by default
Apache2::SiteControl::UserFactory), so if you subclass User, you must understand
the complete interaction between the factory (which is responsible for
interfacing with persistence), the SiteControl, etc.
The default implementation of User and UserFactory use AuthCookie to manage the
sessions, and Apache::Session::File to store the various details about a user
If you are using Apache2::SiteControl::User and Apache::SiteControl::UserFactory
(the default and recommended), then you should configure the following
parameters in your apache configuration file:
# This is where the session data files will be stored
# This is where the locks will be stored
These two directories should be different, and should be readable and writable
by the apache daemon only. They must exist before trying to use SiteControl.