I'm not quite sure why your form wasn't posted.
One thing to note, however, is that you should be Url-Encoding your form fields if you're submitting it with a Content Type of "application/x-www-form-urlencoded":
ut = CreateObject ("roUrlTransfer")
postContent = "username=" + ut.Escape (username) + "&password= " + ut.Escape (password)
Also, you have a lot of AddHeader statements, not all of which are necessary, as the Roku will provide many of the headers itself. I do know that it's safe to change the User-Agent header, but I'd try leaving out the others unless you find a compelling reason to include any of them.
As far as the cookies are concerned, in most of the work I did with cookies I handled them manually. I didn't use EnableCookies, etc. because I wanted my code to run on the older 3.1 firmware. I would assume though that if you use EnableCookies then the "cookie cache" should be able to handle sending the Cookies back to the server, although I can't confirm that.
Another issue with logging in with a username and password is the authentication mechanism used by the server. I've not come across many servers that send plain text usernames/passwords over an unencrypted Http connection. Even many servers that use encrypted Http will use some form of authentication (Basic, Digest, etc.) You should make sure that you are using the same form of authentication that your server requires.
