auth_getSession fails for someone else's account

What steps will reproduce the problem?
1. I can use my account to loggin Facebook without browsers and get a 
successful session (pls see the codes below).
2. when I use someone else's accout(email & pass) to do the same thing, 
however auth_getSession() fails!

my code is :

String token = client.auth_createToken();

            String myurl = "http://www.facebook.com/login.php?
api_key=" + API_KEY + "&v=1.0" + "&auth_token=" + token;

            URL url = new URL(myurl);
            HttpURLConnection httpURLConnection = 
(HttpURLConnection)url.openConnection();
            httpURLConnection.setRequestMethod("GET");
            httpURLConnection.setRequestProperty("User-
Agent", "Mozilla/4.0(compatible; MSIE 7.0; Windows NT 5.1; GTB6)");
            httpURLConnection.setRequestProperty
("Host", "www.facebook.com");

            String cookie = null;
            httpURLConnection.connect();  
            if(cookie == null)
            {
                int i = 1;
                String key = null;
                while((key = httpURLConnection.getHeaderFieldKey(i))!
=null){
                    if(key.equals("Set-Cookie")){
                        String sCookie = 
httpURLConnection.getHeaderField(i);
                        if(cookie == null)
                        {
                            cookie = sCookie;
                        }
                        else
                        {
                            cookie += ";" + sCookie;
                        }                       
                    }
                    i++;
                }  
            }

            url = new URL("http://www.facebook.com/login.php?");
            httpURLConnection = (HttpURLConnection)url.openConnection();
            httpURLConnection.setRequestMethod("POST");
            httpURLConnection.setRequestProperty("User-Agent", "Mozilla/4.0
(compatible; MSIE 7.0; Windows NT 5.1; GTB6)");
            httpURLConnection.setRequestProperty
("Host", "www.facebook.com");
            httpURLConnection.addRequestProperty("Cookie", cookie);
            //String paramString = "api_key=" + API_KEY + "&auth_token=" + 
token + "&email=******&pass=*****&v=1.0"; 
            String paramString = "api_key=" + API_KEY + "&auth_token=" + 
token + "&email=$$$$$$$&pass=$$$$$$$$$&v=1.0"; 
            String size = Integer.toString(paramString.length());
            httpURLConnection.setRequestProperty("Content-Length", size);
            httpURLConnection.setRequestProperty("Content-
Type", "application/x-www-form-urlencoded");

            httpURLConnection.setDoOutput(true);   
            httpURLConnection.connect();
            OutputStream httpOutputStream = null; 
            httpOutputStream = httpURLConnection.getOutputStream();   
            httpOutputStream.write(paramString.toString().getBytes("UTF-
8"));
            httpOutputStream.flush();

            StringBuffer httpResponse = new StringBuffer();         
            BufferedReader httpBufferedReader = new BufferedReader(new 
InputStreamReader(httpURLConnection.getInputStream(), "UTF-8"));
            httpResponse.append(readBufferedContent(httpBufferedReader));
            System.out.println(httpResponse.toString());

            /*
            Runtime.getRuntime().exec("cmd /c start 
iexplore  " + myurl);
            System.in.read();
            */

            String session = client.auth_getSession(token, true);

What is the expected output? What do you see instead?
Is there any difference for diffent logon infos? Or maybe the api_key can 
just be accessed by the owner?
Confused...

What version of the product are you using? On what operating system?
2.1.1 & 1.6

Please provide any additional information below.
I create a very simple facebook application, just for retrieving the 
API_KEY and API_SECRET.
Original issue reported on code.google.com by thsslxf@gmail.com on 17 May 2009 at 4:10
huuanh1987 / facebook-java-api

auth_getSession fails for someone else's account #206
