This is a quick note to anyone using Safari 5.1 on the Mac: there has been an issue reported that JSAM fails to launch. It is currently unknown if this is an Apple issue or due to the mechanism used by JSAM to determine the browser/java plug-in.
We only recently became aware of this, with the release of 5.1 to the general public. If you would like, you can open a case with JTAC; however, I will try to keep this page updated as information is available regarding this.
Please open a case with Apple as well so that they are aware of the issue; if you receive feedback from them that it is definitely a Juniper issue, please open a case with JTAC and put the details received in the case notes (and if you don't mind, message me so I can follow it internally for tracking as well).
This is also tracked as http://kb.pulsesecure.net/KB21507 and logged-in users (including forum-only members) have the option to subscribe to this KB in order to stay updated on the latest changes for this issue.
Here is my workaround to get JSAM working on Lion.
1) Download and install Pacifist from: http://www.charlessoft.com/Pacifist.dmg
2) Download and Mount JavaForMacOSX10.6Update5 from http://support.apple.com/kb/DL1360
3) Download and Mount JavaForMacOSX10.7 from http://support.apple.com/kb/DL1421
4) Launch Pacifist and select Open Package
5) Select the mounted JavaForMacOSX10.6Update5.pkg
6) Hit install, when it prompts always select "Replace"
7) After it is complete, select Open Package and select the JavaForMacOSX10.7.pkg
8) When it prompts select "Replace"
9) You can copy Safari 5.0.5 from SL or if you do not have access to a SL machine
10) Download and mount Safari 5.0.5 from
11) In Pacifist select Open Package and select the Safari 5.0.5 pkg file
12) This time select Extract and place it onto your desktop
13) Go to the Safari5.0.5SnowLeopard folder on your desktop, inside of that you will see an Applications folder, open that and you will see Safari, you can rename this Safari, I named mine Safari 5.0.5 and copy it to your main Applications folder or whereever you want.
14) Launch this Safari and go to About and make sure it says 5.0.5
15) Try it out.
The MacWorld website has a document on reverting back to earlier versions of Safari such as 5.0.3 or 5.0.5, which work with JSAM. However, they are not for the faint of heart, requiring users to scour the internet in hopes of finding a version of Safari 5.0.x archived somewhere (since Apple does not make it available any longer) downloading that archive, using an additional $20 program to restore the older Safari.
In the comments section to the MacWorld article, an additional promising method is supplied (if the TimeMachine backup/restore is not available). When the newer version Safari 5.1 is installed, the system retains a zipped backup of the previous version in the /Library/Application Support/Apple directory. However, the file is named .SafariArchive.tar.gz. The dot at the beginning of the file causes it to be hidden from the gui finder window, so recovering it requires the user to open the command line and use native Unix commands to locate that hidden file, copy it elsewhere, and rename the copy. At that point, the user could then double-click the renamed file in the Finder to launch the Archive Utility to uncompress it and unpack it. Possible, yes, but not pretty.
I have tested this on Mac OS 10.6.8 Snow Leopard, but not Lion, and can confirm that 5.0.5 can be recovered and successfully used to access roles that use/launch JSAM.
This is an old topic, but just this morning I did a Software update on my MacLion machine and I can now connect to our SSL-VPN. It appears that the Safari update I got this monirng fixed the Java/Host Checker issue. I also had a report from one of our Snow Leopard/Safari 5.1 users that they are also now able to connect sucessfullty.
Thank you for the update; what version of Safari are you on now? Your snow leopard user?
My Safari shows 5.1.2 (on Lion). I'll see if I can ge tthe version from the SnowLeopard user. I will have access to a SnowLeopard MB on Monday that I am going to test as well...