I've tried the snippet above as well. It doesn't seem to try to authenticate. When I check the role on the controller, it still has the initial role.
<form name="form1" method="post" action="/auth/index.html/u">
<span class="bodytext">
<input type="hidden" id="email" name="email" type="text" value="user@company.com" class="text" accesskey="e" />
<input type="hidden" name="cmd" value="authenticate" />
<input type="submit" name="Login" value="I ACCEPT" class="button" />
or
<form name="form1" method="post" action="/auth/index.html/u">
<span class="bodytext">
<input type="hidden" name="user" id="user" type="text" value="user1" class="text" accesskey="u" />
<input type="hidden" id="password" name="password" type="text" value="passwd1" class="text" accesskey="p" />
<input type="hidden" name="cmd" value="authenticate" />
<input type="submit" name="Login" value="I ACCEPT" class="button" />
Neither seems to work. I would think I would get an error trying to login if it failed. It just takes me to https://{CPPM.ip}/tips/welcome.action screen.