So the request isn't SOAP, but an HTTP GET, and SOAP would only be used in the response? See
this for an example SAAJ client, although that may not fit the bill if the request isn't actually SOAP. It also shows how to set HTTP Authentication headers (assuming that's what you mean by authentication).