<%args>
  $__session_id => undef
</%args>
% if ($m->request_comp()->title() !~ /^\/binary\//) {
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
  <head>
    <title><& SELF:title, %ARGS &></title>
    <link rel="stylesheet" 
          title="default" 
% my $path = $m->request_comp()->dir_path();
%    $path = substr ($path, 1);
%    $path =~ s/[^\/]+/../g;
%    $path .= "/" if (length $path);
          href="<& /lib/url.mhtml, 
                   path => "${path}css/openxpki.css",
                   no_session => 1 &>" 
          type="text/css" />
    <& /lib/javascript.mhtml &>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    <meta http-equiv="Content-Script-Type" content="text/javascript"/>
  </head>
  <body <& SELF:onload, %ARGS &>>
    <div id="page">

      <div id="header">
        <img src="<& /lib/url.mhtml, 
             path => "${path}images/openxpki_logo.png",
             no_session => 1 &>"
             alt="OpenXPKI"/>
      </div> <!-- header -->
% }
<%perl>
    ## if the session is present or faked and
    ## the user tries to penetrate the server then
    ## nothing will happen because the server simply
    ## asks for login and terminates the session
    ## if the authentication is not ok
    ## IMPORTANT: the server and not the client enforces the security
    ## EXCEPTION: if shibboleth is in use then the client forwards
    ##            the session id from its environment (a session injection
    ##            from the browser is not possible)
    if (defined $context and
        exists $context->{session_id} and
        length $context->{session_id})
    {
       $m->call_next;
    } else {
       $m->comp('/authentication/autohandler', '__session_id' => $__session_id);
    }
</%perl>
% if ($m->request_comp()->title() !~ /^\/binary\//) {
      <div id="footer">
      </div>
    </div>  <!-- page -->
  </body>
</html>
% }

<%init>
    ## if there is a session and we are not in the authentication process
    ## then re-use the session
    if (defined $__session_id and
        0 > index ($m->request_comp()->title(), "authentication/"))
    {
        $m->comp('/authentication/session.mhtml', '__session_id' => $__session_id);
        $m->comp('/authentication/role.mhtml') if ($context and not exists $context->{role});
    } else {
        undef $context;
    }
    $m->comp ('/lib/language.mhtml', "session_id" => $__session_id);
</%init>

<%flags>
  inherit => '/syshandler'
</%flags>

<%method title>
  OpenXPKI
</%method>

<%method onload>onload="enumCSP()"</%method>
