Basically I need to programmatically authenticate the call.

I'd assume that you need to integrate your SASBIWS application with JAAS auth on your app server and reconfigure it away from anonymous auth. That way each http request should be treated the same way as they are with the SPWA.

I've never done this though. I chose to use the SPWA for things like this due to the fact that the default authentication setup is better and there are fewer overheads in terms of stuff like axis2 etc.