ou must allow VAP to access the website this is done through the user interface in VAP where you specify some settings to share access to VAP Gateway.
If you do not have any VAP service, please visit section 1 above.
Then open your VAP service and go to Admin menu.
If your service is enabled for web app support you will see ‘Manage webs’ and could start plugging in your web apps following the steps bellow.
If your service has not enabled ‘Manage webs’ please contact VAP team to enable it.
First, you need to connect your web apps in Manage webs
Click Manage webs and then click ‘Create a new web app connection’ to set up a connection to your web app.
Please see section ‘Limitations’ for more detailed explanations of what is supported in this version.
You see an empty list the first time you open ‘Manage Webs’ Later a list of already set up web apps in this service.
Click ‘Create new web app connection’
Define your web app in the user interface. Please check the ‘?’ tooltip for detailed explanations of the different settings.
You must accept terms of use before you can save your settings.
Please visit the section bellow ‘Can you support all type of web apps?’ to learn more.
Second, click Manage Reports to define properties
Here you will link your web apps and define properties and menu names. Here you start to define how your user will interact with your web apps.
Row level security parameter can be set up to control what the user should be able to see.
This is very useful when you do not like to share the same content to all users and have set up role-based access control in your web apps. In Manage report you set up parameters by defining name(s) and datatype(s). In Manage Entity you add values to be sent to your web apps to limit the data presented based on these parameters.
Your web apps can live side by side with other content supported in VAP. Here’s an example of a web app set up where the menu name has been set in Manage Report to be ‘Python’
Third, click Manage Entity
An entity refers to how you group and structure your content
It represents a top-level concept, such as company, clients, projects, or assets
One entity can contain one or several different content elements set up in the section above
Demo entity shown above have 4 content elements. Energy Transition Outlook – Power BI, Image Marketing flyer, PDF document and Python web apps, that is the selected menu. The end-user navigates between the elements using these menus.
Here in Manage Entity you select one or several content you set up in Manage Report to be shared as a group or as a single content.
If you have set up role-based access control in your web apps and in Manage Report then you will be asked to pass in values to these parameters here in Manage Entities, using the fields Type Property Value Setting
Four, click Manage User
Here you create users, assign role, and share access to one or several entities. What your user see on their HOME menu is just the entities you have shared with him/her, nothing else. Remember to chare access to yourself too.
Five, view the report from Home
Now it’s time to check your web app from Home. Remember to share the entity to yourself too (the section above).
DNV users need to connect through VPN
DNV users please remember to connect through VPN to view the web apps.
You must allow cookies in your browser
If it’s not done you will receive this notification and see an icon in the header of your browser, in the field where your URL are located. Please allow it. Then refresh the screen and it will load and present the web app.
If your web app is hosted through One-Gateway. One-Gateway has its authentication, after authentication, it will write a cookie as a gateway token. Without the cookie, VAP can’t access your web app. VAP do this semi manual each day in version 4.0. We need to collaborate One-Gateway team when the hosting is set up to open up access for VAP. When done VAP team could remove the manual step and do this in the background. Then each day the new token will be retrieved from One-Gateway for web-apps hosted there.
Note: Please allow popup page in browser. When login, a new page (or tab) will popup, automatically proceeding with the login process. After logging in, the new page (or tab) will be automatically closed.
My VAP service does not show Manage webs, why? Not all VAP tenants have enabled web app support
If you do not see Manage Webs, please get in touch with the VAP team. We will enable it for you.
Can you support all type of web apps?
In Manage webs, you set up the connection to your web app and there are a few limitations.
Some web applications need login first. It returns a 302 HTTP status code when first load; the browser then redirects to IDP page (such as Veracity login page) to login. VAP proxy still can’t handle web application return 301/302/307/308 HTTP status code, so can’t support this type of web application. This is because if the browser jumps to another web site, the request will not be sent to proxy, the proxy will lose control of this web app. But VAP proxy already provides the authentication/authorization mechanism. It means any web app, when the first load, need login to Veracity first. So, no need for a client web application fulfils its own authentication.
Some web applications use JavaScript to manipulate their URL, this may make the VAP proxy works incorrectly. Because VAP proxy adds a GUID in the web app’s URL (format is like https://proxydomain/{guid}/path). The proxy Uses this GUID to match the target web application’s URL. If this URL is changed by JavaScript, the proxy will lose the necessary information to locate the target web application.
Note: Single Domain Web App doesn’t have this limitation.
Configure Root URL with scheme: https, not http. Http request is not safe and will be redirected to ZSCALER by IT policy.
VAP Proxy does not support WebSocket connection.
What is WebSocket? (https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API)
The proxy will send RLS http header, and custom http headers, together with some headers added by Azure, to the target web applications. If target web applications have set a limit for request http header count which is less than the actual header count it received from VAP proxy, it may reject proxy’s request.
If web application uses absolute URL in HTML file, should keep in mind that request will go outside of proxy scope. It is not proxied by VAP.
For example, a page link is as below:
This page request will not send to VAP proxy. In the VAP home page, after clicking this link, you will see a page which is not been proxied.