I think your approach is some what not right,
Authenticate the user using
jsp or sevlets before he launches your jnlp file,
or authenticate using swing after your gui starts,
placing the user name and password in your html file and passing them as params to your jnlp file is something strange and not well thought out
and more over you cannot pass params to you jnlp file from html, they have to be placed inside your jnlp file
hope that helps
cheers,
parthi