Managerial Approval for User Connections to HTTP/HTTPS Devices
To enable managerial approval requests via email or mobile notification for users connecting to devices, the approvalRequiredForConnection property must be set as true on the device group that includes the target devices.
During the first log in to webpages that require managerial approval for the connection, an approval request email and notification message is sent to the manager. If the manager approves it, the request is valid by default for 3600 seconds. Logging in to the same webpage within this period does not require another approval.
Once this period (3600 seconds by default) has passed, a new approval email and notification message is sent to the manager. This duration can be set by editing the http.proxy.managerial.approval.cache.seconds parameter in the HTTP Proxy configuration file.
In addition, the messages displayed when users enter webpages requiring managerial approval can be edited by changing/entering the property values in the HTTP Proxy configuration file. The default settings are used when no changes were made. The table below lists the available values.
The parameters that can be configured for HTTP Proxy can be defined in the HTTP Proxy Configuration file by following these steps:
- Establish an SSH connection to the Single Connect server with pamuser. sudo vi /u01/http-proxy/conf/http_proxy.properties
- Edit/add the related parameter.
- Save the file and exit the vi editor.
- Restart the HTTP Proxy using the command: sudo systemctl restart pam-http
Parameter Name | Description |
|---|---|
http.proxy.approval.rejected.message | The message sent to the user if the manager rejects the request. |
http.proxy.approval.required.message | The message indicating that managerial approval is required to access the specific webpage . |
http.proxy.waiting.manager.message | The message displayed when managerial approval is pending. |

