Cannot pass cookies

Hi guys,

In BaseSimulation I have below code:

protected String url = “xxx”;
protected HttpProtocolBuilder httpProtocol = HttpDsl.http
CoreDsl.DenyList(“.\.js", ".\.css”, “.\.gif", ".\.jpeg”, “.\.jpg", ".\.ico”,
“.\.woff", ".\.woff2”, “.\.(t|o)tf", ".\.png”, “.\.svg",
.acceptEncodingHeader(“gzip, deflate”)
.contentTypeHeader(“application/json; charset=UTF-8”)
“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36”);

public static ChainBuilder getAuthenticate() {
return exec(
http(“first endpoint”)
.header(“Connection”, “close”)
.body(StringBody(“{ \n”
+ " "password": "xxx", \n"
+ " "username": "xxx" \n"
+ " }“))
http(“second endpoint”)
.header(“Connection”, “close”)
.header(“CSRF-Token”, “#{csrfToken}”)

public static ChainBuilder getAnalysis() {
return exec(http(“getAnalysis”)

protected static Map<String, String> HEADERS = Map.of(
“Accept”, “application/json”,
“Content-Type”, “application/json”,
“Cookie”, “JSESSIONID= #{JSESSIONID}; securityToken= #{securityToken}”);

In TestSimulation:

ChainBuilder getAnalysis =

ScenarioBuilder scn = scenario(“TestSimulation”).exec(getAnalysis);


How I can pass cookie from getAuthenticate (JSESSIONID and securityToken from second endpoint) to getAnalysis?

I read documentation about cookies but I don’t understand how I can fit it to my problem :slight_smile:

Thanks for help


No idea why you’re trying to do this yourself. Maybe some misunderstanding.

Gatling handles automatically cookies for you that where set by the server (Set-Cookie response header).
You only have to handle cookies manually when they are set manually by JavaScript in your real client, and you do so with the setCookie method, not by setting yourself the Cookie request header.


Thx for response, I doing myself because I received 401 on getAnalysis : )

I heard that Gatling should doing cookies automatically but it doesn’t work.

When I trying the same thing in Postman, I have in header something like this

JSESSIONID is definitely automatically handled as it comes from a Set-Cookie response header from the server.

Are you sure securityToken comes from a Set-Cookie response header too?

1 Like