Ok, there is one way: Let user use your proxy with connect support to get session cookie and then let user to input cookie value to service running though same proxy. Depending whether anything else than IP is checked this should work. Mtgox.com doesn't seems to be vulnerable to session fixation, so the even easier way is probably not possible.