You should consider reaching out to your Aruba Partner for this design.
Your enforcement policy will require the following:
1- You need to create a custom date-time query to apply a session-timeout based on the remaining time on the 2 hrs using Time Source as your authorization source .
2- Use the day of the week as one the conditions using Time Source as your authorization source
3- Create a custom query on Insight to track the successful authentications within 24 hours and use that as one the conditions to whether or not allow 2hr access on that particular day of the week
Get Outlook for iOS