I'd assume that you need to integrate your SASBIWS application with JAAS auth on your app server and reconfigure it away from anonymous auth. That way each http request should be treated the same way as they are with the SPWA.
I've never done this though. I chose to use the SPWA for things like this due to the fact that the default authentication setup is better and there are fewer overheads in terms of stuff like axis2 etc.
Registration is open! SAS is returning to Vegas for an AI and analytics experience like no other! Whether you're an executive, manager, end user or SAS partner, SAS Innovate is designed for everyone on your team. Register for just $495 by 12/31/2023.
If you are interested in speaking, there is still time to submit a session idea. More details are posted on the website.