I have created a JMeter 5.3 script. The login works fine, but after that I am getting

> Response code:403 Response message:Forbidden

error for the subsequent requests.
In the past, it worked when I added X-XSRF-TOKEN to the header manager. Now it is not working even with that. Any input is appreciated.
Request Body: POST https://rrsso.secure.com/cargobkgwar/services/userroles/lookup
POST data: {"ReferenceMenuController":{},"QueueConsoleController":{},"MasterTableListController":{},"MasterTableEditController":{},"SampleUsageController":{},"SampleUserListController":{},"SampleUserEditController":{},"SampleChartController":{},"UpdatePasswordController":{},"UserPropertiesListController":{},"UserPropertiesEditController":{},"AccessDeniedController":{},"SubRulesController":{},"RuleHistoryController":{},"AboutReleaseController":{},"ReleaseNotesController":{},"ConsoleController":{},"BookingController":{},"AvailabilityController":{},"BookListController":{},"ManageOfferController":{},"FlightDetailsController":{}}
Cookie Data: XSRF-TOKEN=KZ7uJQ08xDTWQhu2nsWQ4IzhFOHcStIfAVAPrQKNrzHCtWBmnKiz!-568463951!320078472!1610313174332; OAMRequestContext_rrsso.secure.com_443_4f3161=O1a944lrqSv4egD4G2UQpw==; OAMAuthnCookie_rrsso.secure..com_443=aa0c56de9b268c931dc75b986d223a7e955e3921%7E%2B0M7rZF1h6Jboy7dqRl2h1uo79QylW3InDZDfhF8do%2BKb8eELTLFhztLsMtzY%2F%2BFFkt0tS9o%2FuZ7%2Fb4AxFv4FBWDwoICNgZLjeTVzywXc7VWZ75seHp4GdfSVMjlZ3PR45ywO2BC4SXTO9Ol6REN1RUHl6Uc1oMKx7cubZ8AwLZRWhHobuPPopHSCR8O0Q5%2BJQitbg9dC6QrtjlyE%2FnEcicF6B2U%2BOxHxGGiPzxgWrXeMMX8%2Fw1l28lv8L3q1XMekNTlktebGG7MjOrRg7n7x6kqkJMszhGNv8PvE2UASIFDEsTUS%2BjOegew04dLd0BNYk4kL1TzbuJ3F7%2F3dmvpDim3x%2FwTZ8hoyAhjaPy%2FD1i8Lm654%2BOaZJ%2Bza26t9LO0TGgI9OwabeEn89ybtRW5iA%2FmCvgWDrT8lbGbLJ8fs7x%2FYeJ46AWTiomTP7z0%2FnqtRHm14i8hDAkfzXhwhejk75IozsMMwCyUk6jKhxWj8qZ15%2FKDe%2BV5jWl04k7ErrSwenJYyFKw8dUCG1U5Non%2FwQ%3D%3D; OAMAuthnHintCookie=1; rm-sso-uid=8l5lXRW2YxKfuwHXE4THdltQbd8kifYI; JSESSIONIDBLS=nebuJQ8PrrhKt4HoYXoPlUSqNo1AtRa9EkoybY3WWTutoHP3pAjv!-568463951!320078472; OAM_GITO=GymRbSnLNbhmOaJnOtP9Rw==~9FyIDXwulQBrBv/FQ/0rfKchN2m08TUmNp9ddjOkMzM6p2jM6TRFIX9pTtILuE52BqpRjbHMX9vWA9OXWezYsk9hLj+YvdAvdOcNWDQRwy+szPoGp8Ydt6vfHzK7dFTIgqgNVobqZSe0bH2j0kiXfOI4o2ueWplCBOaX03UxRwNpwAPbtpHU0dbwzjE/UYxu+A/ftlSKBGS/8HmrvwPbBgNnLLprD2Mp1fS8s7InvMM=
Request Header:
Connection: keep-alive
Referer: https://rrsso.secure.com/cargobkgwar/modules/welcome.html
Accept-Language: en-US
DNT: 1
Pragma: no-cache
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; Touch; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0; Zoom 3.6.0; wbxapp 1.0.0; wbx 1.0.0; Zoom 3.6.0)
X-XSRF-TOKEN: ${COOKIE_XSRF-TOKEN}
Content-Length: 621
Host: rrsso.secure..com
Response Body: [{"message": "Unauthorized Access"}]
Response Header:
HTTP/1.1 403 Forbidden
Date: Sun, 10 Jan 2021 21:12:55 GMT
Server: Apache/2.4
Set-Cookie: OAM_GITO=kGd/kyTPdkJwTv2i9WGraw==~sk4miutnl6uMea23C23aaELnRjNIe6GuJrzwgOeCmMWmJg3XEeS513k1yRTnvIzjqiYhuTZ8F/dZ/xA14Sgmm+TyoevctBX7jQDWIDlq9U6QKmMVXDPwEN2MNTjgWMNSPIaCpBgOX5LNupmZIXrygeONgoUQEgLZhsJkdXOJIVtshV8PLkNn+eGaYmtyVJAZCspGUocjSDXJzEh/wwRTZQUFruOMgSYqSo8QGIRfYOE=;Domain=.com; path=/
Content-Length: 36
Vary: Accept-Encoding
Keep-Alive: timeout=8, max=1016
Connection: Keep-Alive
Content-Type: application/json