Send post to java servlet using C# HttpWebRequest

I have task of uploading file to java servlet. I installed Fiddler to see where web requests are sent and what post data is sent. After logging into java servlet using HttpWebRequest GET method I receive in cookies SessionId. So I was using this SessionId in headers to create POST request to the web server where servlet is. But in response I receive message that "session is time out. Try to login again." But if I use application through user interface I have the one SessionId for all application which is sent in headers with each request. This application is running in bank so I was thinking if they have some security against scraping. Am I thinking in a right way? Any help will be appreciated. Thanks, Elena

Here is my code

CookieContainer cookieContainer = new CookieContainer();

        HttpWebRequest req = (HttpWebRequest)WebRequest.Create("http://go.tkygw.pcnet.smbc.local/MgbTokyoGateway开发者_如何学JAVA/Mgblinkmenu.aspx");
        req.Credentials = new NetworkCredential("GB54326", "elena83", "TKYGW");
        req.CookieContainer = cookieContainer;
        req.Headers.Add("Pragma", "no-cache");
        req.Headers.Add("Accept-Language", "en-gb");
        req.ProtocolVersion = HttpVersion.Version10;
        req.AllowAutoRedirect = true;
        WebResponse resp = req.GetResponse();
        //here in cookies I receive ASP.NET_session_Id and tkygw_intra
        HttpWebResponse webr = (HttpWebResponse)resp;
        StreamReader r = new StreamReader(resp.GetResponseStream(), System.Text.Encoding.UTF8);
        string res = r.ReadToEnd();
        resp.Close();

        NameValueCollection nvc = new NameValueCollection();
        nvc.Add("_PAGEID", "MWMAL1000P00");
        nvc.Add("_SENDTS", "1296208904759");
        nvc.Add("_TRANID", "AL1000T00P01");
        nvc.Add("_SUBINDEX", "-1");
        nvc.Add("_TARGET", "");
        nvc.Add("_FRAMID", "");
        nvc.Add("_LUID", "1296208904720");
        nvc.Add("_WINID", "root");
        nvc.Add("_TARGETWINID", "TIMEOUTW_300000_13");
        nvc.Add("CHK_FLG", "0");
        nvc.Add("BUTTON_NAME", "Corporate Card");
        nvc.Add("TITLE_NAME", "[AL1000]Main Menu");
        nvc.Add("DateFormat", "1");
        nvc.Add("BIZKEY", "AC");
        nvc.Add("H_REG_NUM", "");
        nvc.Add("H_TODO_DISP_MODE", "");
        nvc.Add("H_VIEW_CHANGE_FLG", "1");
        nvc.Add("H_SMVA_FLG", "0");
        nvc.Add("H_SWITCH_ID", "8837");
        nvc.Add("T_BOOKING", "8802");
        nvc.Add("T_CUSTOMER_ID", "109732");
        nvc.Add("P_DATE_FM", "1");
        nvc.Add("D_BA_CREDIT_MONITORING_DISABLED", "");
        nvc.Add("D_BA_CREDIT_APPLICATION_DISABLED", "");
        nvc.Add("D_BA_CREDIT_APPLICATION_DISABLED", "");
        nvc.Add("P_BLANKET_APPLI", "");

        HttpWebRequest req3 = (HttpWebRequest)WebRequest.Create("http://gcm.tkygw.pcnet.smbc.local/gcmv0/WACSServlet");
        //here in cookiesContainer are 4 values: ASP.NET_session_Id , tkygw_intra
        req3.CookieContainer = cookieContainer;
        req3.Method = "POST";
        req3.Accept = "*/*";
       // req3.Headers.Add("Pragma", "no-cache");
       // req3.Headers.Add("Accept-Language", "en-gb");
        req3.AllowAutoRedirect = true;
        req3.KeepAlive = true;
        req3.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)";
        req3.ContentType = "application/x-www-form-urlencoded";
        req3.ProtocolVersion = HttpVersion.Version10;
        var sbPostData = new StringBuilder();

        if (nvc != null)
        {
            foreach (string key in nvc.AllKeys)
            {
                string[] values = nvc.GetValues(key);
                if (values != null)
                {
                    foreach (string value in values)
                    {
                        if (!string.IsNullOrEmpty(value))
                            sbPostData.Append(string.Format("{0}={1}&", HttpUtility.UrlEncode(key), HttpUtility.UrlEncode(value)));
                    }
                }
            }
        }
        var parameterString = Encoding.UTF8.GetBytes(sbPostData.ToString());
        req3.Referer = "http://gcm.tkygw.pcnet.smbc.local/gcmv0/WACSServlet?_TRANID=AL0010P01C01";
        req3.ContentLength = sbPostData.ToString().Length;

        using (Stream requestStream = req3.GetRequestStream())
        {
            requestStream.Write(parameterString, 0, parameterString.Length);
            requestStream.Close();

            //nothig is received in cookies. Status of response 200 (OK), but on the web page is error that Session is Time OUT. Please Login again
            using (var response = req3.GetResponse() as HttpWebResponse)
            {
                using (var stIn = new System.IO.StreamReader(response.GetResponseStream()))
                {
                    //here I receive session Time Out. Please login again
                    string s = stIn.ReadToEnd();
                }
            }
        }

If you are uploading file using HttpWebRequest, you must specify content headers correct.

Content must be specified as Content-Type: multipart/form-data

sample snippet

   string DataBoundary = "-----------------------------" + DateTime.Now.Ticks.ToString("x"); 
    string contentType = "multipart/form-data; boundary=" + DataBoundary ;
    req.Method = "POST";
    req.ContentType = contentType ;
    req.UserAgent = userAgent;
    req.CookieContainer = new CookieContainer();
    req.ContentLength = formData.Length;

Check out this and this posts for more detail explanation