WSS Agent is used on MacOS to send traffic into SAC.
Users bypass WSS completely for web traffic by adding IP bypasses for 1.1.1.1/1 and 128.1.1.1/1, since only SAC-destined traffic needs to be forwarded into WSS.
SAML is enabled on WSS, but instead of the SAML IDP server login page, a blank page is returned.
The HAR file shows the user request to http://pod.threatpulse.com but, instead of a redirect, a 204 response with no payload is returned (hence the blank page).
WSS Agent 8.2.1.
SAML Authentication to Okta IDP server.
SAC integration with WSS.
The WSS IP address bypass causes returned DNS requests to be ignored by the WSS Agent, so requests to pod.threatpulse.com go direct to the host and not via WSS.
Apply WSS Agent 9.0.62+.
This addresses an issue where we will intercept DNS requests for the required bypass domains.
When troubleshooting WSS Agent SAML issues on macOS, it's important to run Symdiag and grab the HAR file in parallel.
The HAR file is obtained by first running the following 2 commands in the macOS terminal, and then right-clicking the blank page (or IDP login page) and selecting the INSPECT option:
sudo "/Applications/Symantec WSS Agent.app/Contents/MacOS/wssad" -p signalAction=enableWebViewDevTools
sudo killall -SIGUSR2 com.symantec.wssa.wssax
Note that the HAR file often cannot be exported from macOS when problems occur, so it is important for the user to take screenshots of the requests/responses. These can be used to confirm that we get 307 redirects to saml.threatpulse.com and not 204s that trigger blank pages.
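When the HAR file can be exported, the 307-versus-204 check can be run over it directly. The following is an added example, not part of the original article or a vendor tool; the function name and the sample HAR entries are constructed, and it relies only on the standard HAR 1.2 fields (request.url, response.status, response.redirectURL).

```python
import json
import sys
from urllib.parse import urlparse

POD_HOST = "pod.threatpulse.com"    # host named in this article
SAML_HOST = "saml.threatpulse.com"  # expected redirect target named in this article


def classify_har(har: dict) -> list:
    """Return one finding per request to the pod host found in a HAR log."""
    findings = []
    for entry in har.get("log", {}).get("entries", []):
        url = entry.get("request", {}).get("url", "")
        if urlparse(url).hostname != POD_HOST:
            continue  # only the pod request matters for this symptom
        resp = entry.get("response", {})
        status = resp.get("status")
        # HAR 1.2 records the Location header value in response.redirectURL
        target = urlparse(resp.get("redirectURL") or "").hostname
        if status == 307 and target == SAML_HOST:
            verdict = "ok: redirected to SAML"
        elif status == 204:
            verdict = "blank page: 204 with no payload"
        else:
            verdict = "unexpected: review manually"
        findings.append({"url": url, "status": status,
                         "redirect_host": target, "verdict": verdict})
    return findings


# Constructed sample entries (not captured from a real session).
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"url": "http://pod.threatpulse.com/"},
     "response": {"status": 204, "redirectURL": ""}},
    {"request": {"url": "http://pod.threatpulse.com/"},
     "response": {"status": 307, "redirectURL": "https://saml.threatpulse.com/"}},
    {"request": {"url": "https://www.example.com/"},
     "response": {"status": 200, "redirectURL": ""}},
]}}

if __name__ == "__main__":
    # Pass an exported HAR path as the first argument, or run on the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            har = json.load(fh)
    else:
        har = SAMPLE_HAR
    for f in classify_har(har):
        print(f"{f['status']} {f['url']} -> {f['redirect_host']}: {f['verdict']}")
```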