Passing the credentials in the URL was something we put as a sample a long long time ago before we had the iControl Library for Java. The proper way is to pass in a WWW-Autheticate HTTP header with an encoded version of the username/password. This is basically how forms based authentication works. I would recommend you go that route and not pass credentials in the URL. The iControl library for Java does just that.
Could you explain what you are trying to do and why you need to pass the credentials in the URL?
-Joe