Note that Userlookup is no longer a separate library, and all of its functionality is now included in the SSOClient library.
Userlookup is a small Java API that allows other Java programs to retrieve user information from SSO. The big difference between Userlookup and the SSOClient API is that userlookup is no longer used (as of SSOv3) to get information about logged in users.
Userlookup is basically used whenever you have a usercode stored somewhere, most likely a database, and need to dynamically find out attributes for that user. There will still be methods in the Userlookup API that allow the discovery of logged in users via the getUserByCookie() and getUserByToken() method, but they have been deprecated and we'd like to phase them out.
There is also a method on Userlookup with allows the checking of usernames and passwords. This has always been the primary method for allowing websites to have their own login screens, but we are also phasing this out and in the future will force all logins through the central login screen located on https://websignon.warwick.ac.uk/.
Userlookup will return a User object which has a number of methods for retrieving those users attributes. As this User object is the same one that is returned by the SSOClient API for logged in users, it will be documented here: User documentation.