Apache2::SiteControl::User(3) User representations


my $user = Apache2::SiteControl->getCurrentUser($r);
# $r is the apache request object
# Checking out the user's name:
if($user->getUsername eq 'sam') { ... }
# Working with attributes (session persistent data)
my $ssn = $user->getAttribute('ssn');
$user->setAttribute($r, 'ssn', '333-555-6666');
# Removing/invalidating session for the user


The SiteControl system has a base concept of a user which includes the user's name, persistent attributes (which are persistent via session), and support for user logout.

It is assumed that you will be working from mod_perl, and some of the methods require an Apache request object. The request object is used by some methods to coordinate access to the actual session information in the underlying system (for storing attributes and implementing logout).

User objects are created by a factory (by default Apache2::SiteControl::UserFactory), so if you subclass User, you must understand the complete interaction between the factory (which is responsible for interfacing with persistence), the SiteControl, etc.

The default implementation of User and UserFactory use AuthCookie to manage the sessions, and Apache::Session::File to store the various details about a user to disk.

If you are using Apache2::SiteControl::User and Apache::SiteControl::UserFactory (the default and recommended), then you should configure the following parameters in your apache configuration file:

   # This is where the session data files will be stored
   SiteControlSessions directory_name
   # This is where the locks will be stored
   SiteControlLocks directory_name

These two directories should be different, and should be readable and writable by the apache daemon only. They must exist before trying to use SiteControl.


getUsername Get the name that the current user used to log in.
getAttribute($name) Get the value of a previously stored attribute. Returns undef is there is no value.
setAttribute($request, $name, $value) Add an attribute (scalar data only) to the current session. The current apache request object is required (in order to figure out the session). Future versions may support more complex storage in the session. This attribute will stay associated with this user until they log out.
logout($request) Log the user out. If you do not pass the current apache request, then this method will log an error to the apache error logs, and the user's session will continue to exist.


This module was written by Tony Kay, <[email protected]>.


This modules is covered by the GNU public license.