Indeed I had to this before, but I don't like this way to log in. I guess we agree on that.
The way I got this working was by comparing the sent message headers from Firefox with the ones from java. In my case the cookies must be tweaked a little bit after receiving.
cookie = cookies.getValue().replaceAll(" path=/;", "").replaceAll(" HttpOnly, ", "");
passed that again with the method
Yes ugly, but as long as the web company does not provide decent authentication mechanism it is a work around.
BTW: this is with java HttpClient class. I had problems with cloudsecurity for defaultHttpClient.