Hi Experts,
Description of our case:
There is a single, productive HCP instance with one HANA XS database, one Java and one XSJS application. To run the applications, some data from multiple on-premise SAP systems must be obtained using multiple HANA Cloud Connectors. For this reason multiple accounts within this instance have been created. It is possible to use database as well as Java and XS app only from the main account, so all new accounts have been subscribed to the Java app and users are now able to run the Java app hosted on main account using dedicated URL (each account receives dedicated URL). Java app hosted on the main account is then able to obtain data from multiple Cloud Connectors and to recognize by which account it has been executed.
The issue:
Data obtained from each Cloud Connector must be separated, so there are dedicated schemas created within main database. Each user and account should have access only to the dedicated schema and Java app as well as XS app should automatically use only data from schema which is 'mapped' to the user. How to implement such accounts mapping and to disallow access to any schema which should not be used by the particular account? Is there any mechanism in HCP which would allow to implement such process in a secure way? There is no multi-tenant database available on productive HCP instances, so unfortunately tenants cannot be used in this case.
Do you have any idea about possible implementation for the above case?