I'm
guessing that client and server sides have negotiated to use an authentication scheme other than username/password.
Looking at the source, Jsh is using these schemes by default:
config.put("PreferredAuthentications",
Util.getSystemProperty("jsch.preferred_authentications",
"gssapi-with-mic,publickey,keyboard-interactive,password")
);
Try specifying password authentication with:
session.setConfig("PreferredAuthentications", "password");
Also, the second parameter in Session#getSession() is
hostname, but your variable named is
url. Make sure this just contains just the hostname part (fqdn or IP address).
The source code for 0.1.72 can be found here:
jsch-0.1.72