You should first get the authorization cookie manually (using curl, for example), then just add it to headers. We use Yandex.Tank for most of our load testing tasks. Here's an example of load.ini for your case:
[phantom]
address = abc.xyz.com
rps_schedule = line (1, 120, 15) const (120, 10m)
header_http = 1.1
headers = [Host: abc.xyz.com]
[Connection: close]
[Cookie:<here goes auth cookie>]
uris=/index.html
I think you could also do something similar with ab or jmeter.