Qiwi

How to pass CAS authorization on the QIWI website?

I do authorization on the QIWI website. You need to pass authorization through CAS.
New cookies should come, but they don't! The 3rd Request cannot be done correctly. I don’t understand what I’m doing wrong, I tracked requests with a sniffer, they go exactly the same. Help who can, I've been fighting for a week, I don't understand what's wrong.

Запрос 1:
POST - https://auth.qiwi.com/cas/tickets
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest

login=7**********&password=********

Ответ:  TGT-*****

Запрос 2:
POST - https://auth.qiwi.com/cas/tickets
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest

service=https://qiwi.ru/j_spring_cas_security_check&ticket=TGT-*****

Ответ:  ST-**********

Запрос 3:
GET - https://qiwi.ru/j_spring_cas_security_check?ticket=ST-**********
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest

Ответ:  
Status
401 Unauthorized Show explanation Loading time: 98
Request headers 
CSP: active
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.132 Safari/537.36
Content-Type: text/plain; charset=utf-8 
Accept: */*
DNT: 1
Accept-Encoding: gzip, deflate, sdch
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: ********************************КУКИ*********************************************

Response headers 
Date: Thu, 09 Jul 2015 14:35:31 GMT 
Content-Type: text/html 
Transfer-Encoding: chunked 
Connection: keep-alive
ETag: "559cf688-6de" 
Server: nginx-wallarm