SAP HANA Connection

Configure connections to SAP HANA databases for source and target data operations.

Overview

The Synthesized Platform connects to SAP HANA using JDBC. Both source (input) and target (output) connections are configured as data sources in the platform.

Connection Configuration

JDBC URL Format

jdbc:sap://hostname:port/?databaseName=SYSTEMDB

Components:

Component Description

Component	Description
`hostname`	SAP HANA server hostname or IP address
`port`	Instance port (typically 3`<instance>`15, e.g., 39015 for instance 90)
`databaseName`	Database name (SYSTEMDB or tenant database name)

hostname

SAP HANA server hostname or IP address

port

Instance port (typically 3`<instance>`15, e.g., 39015 for instance 90)

databaseName

Database name (SYSTEMDB or tenant database name)

Common Port Numbers

Instance	Port
Instance 00	30015
Instance 01	30115
Instance 02	30215
Instance 90	39015

Connection Examples

Single-Container System

jdbc:sap://saphana.company.com:30015

Multi-Tenant Database Container (MDC)

jdbc:sap://saphana.company.com:30015/?databaseName=TENANT01

With SSL/TLS

jdbc:sap://saphana.company.com:30015/?encrypt=true&validateCertificate=true

Adding a Data Source

Via the UI

Navigate to Data Sources in the main menu
Click Add Data Source
Select SAP HANA as the database type
Enter connection details:
- Name: Descriptive name (e.g., "SAP Production")
- JDBC URL: Connection string
- Username: Database user
- Password: User password
Click Test Connection to verify
Click Save

Via API

POST /api/v1/datasources
{
  "name": "SAP Production",
  "dialect": "SAPHANA",
  "jdbcUrl": "jdbc:sap://saphana.company.com:39015",
  "username": "TDK_USER",
  "password": "secure_password",
  "properties": {
    "encrypt": "true"
  }
}

Required Permissions

Source Database (Read)

-- Create user for TDK
CREATE USER TDK_USER PASSWORD "secure_password";

-- Grant schema read access
GRANT SELECT ON SCHEMA SAP_SCHEMA TO TDK_USER;

-- Grant system view access for metadata
GRANT SELECT ON SYS.SCHEMAS TO TDK_USER;
GRANT SELECT ON SYS.TABLES TO TDK_USER;
GRANT SELECT ON SYS.TABLE_COLUMNS TO TDK_USER;
GRANT SELECT ON SYS.CONSTRAINTS TO TDK_USER;
GRANT SELECT ON SYS.INDEXES TO TDK_USER;
GRANT SELECT ON SYS.REFERENTIAL_CONSTRAINTS TO TDK_USER;

Target Database (Write)

-- Create user for TDK
CREATE USER TDK_USER PASSWORD "secure_password";

-- Grant full access to target schema
GRANT ALL PRIVILEGES ON SCHEMA TARGET_SCHEMA TO TDK_USER;

-- Or create schema if needed
GRANT CREATE SCHEMA TO TDK_USER;

-- For schema creation mode
GRANT CREATE ANY ON SCHEMA TARGET_SCHEMA TO TDK_USER;

Same-System Deployment

When input and output are on the same SAP HANA system:

-- User needs read on source schema
GRANT SELECT ON SCHEMA SAP_PROD TO TDK_USER;

-- User needs write on target schema
GRANT ALL PRIVILEGES ON SCHEMA SAP_TEST TO TDK_USER;

Connection Properties

Security Properties

Property Description Default

Property	Description	Default
`encrypt`	Enable SSL/TLS encryption	false
`validateCertificate`	Validate server certificate	true
`hostNameInCertificate`	Expected hostname in certificate	hostname
`trustStore`	Path to trust store file	-
`trustStorePassword`	Trust store password	-

encrypt

Enable SSL/TLS encryption

false

validateCertificate

Validate server certificate

true

hostNameInCertificate

Expected hostname in certificate

hostname

trustStore

Path to trust store file

trustStorePassword

Trust store password

Performance Properties

Property Description Default

Property	Description	Default
`packetSize`	Network packet size	131072
`statementCacheSize`	Prepared statement cache size	1024
`reconnect`	Auto-reconnect on failure	true

packetSize

Network packet size

131072

statementCacheSize

Prepared statement cache size

1024

reconnect

Auto-reconnect on failure

true

Example with Properties

jdbc:sap://saphana.company.com:39015/?encrypt=true&packetSize=262144&reconnect=true

Same-System Configuration

When using the same SAP HANA system for input and output with different schemas:

Workflow Wizard Behavior

The wizard automatically detects same-system deployments:

Input Connection selected
Output Connection = same as Input
Input Schema = SAP_PROD
Output Schema = SAP_TEST (different from input)

Generated Configuration

metadata:
  schemas:
    - input: SAP_PROD
      output: SAP_TEST

tables:
  - table_name_with_schema: "SAP_PROD.MARA"
    transformations:
      # ...

The platform automatically:

Reads from input schema
Writes to output schema
Maps table references appropriately

SSL/TLS Configuration

Trust Store Setup

Export the SAP HANA server certificate
Import into a Java trust store:

keytool -import -alias saphana \
  -file saphana_cert.pem \
  -keystore truststore.jks \
  -storepass changeit

Connection String with Trust Store

jdbc:sap://saphana.company.com:39015/?encrypt=true&trustStore=/path/to/truststore.jks&trustStorePassword=changeit

Via Environment Variables

export JAVAX_NET_SSL_TRUSTSTORE=/path/to/truststore.jks
export JAVAX_NET_SSL_TRUSTSTOREPASSWORD=changeit

Troubleshooting

Connection Refused

Symptoms: Unable to connect, connection refused error

Solutions:

Verify hostname and port are correct
Check network connectivity: telnet hostname port
Verify SAP HANA is running: sapcontrol -function GetProcessList
Check firewall rules allow the connection

Authentication Failed

Symptoms: Invalid credentials error

Solutions:

Verify username and password
Check user is not locked: SELECT * FROM SYS.USERS WHERE USER_NAME = 'TDK_USER'
Reset password if needed: ALTER USER TDK_USER PASSWORD "new_password"

Permission Denied

Symptoms: Insufficient privileges error

Solutions:

Review required permissions above
Grant missing permissions
Verify schema names are correct

-- Check user permissions
SELECT * FROM SYS.EFFECTIVE_PRIVILEGES
WHERE USER_NAME = 'TDK_USER';

SSL Handshake Failed

Symptoms: SSL/TLS error during connection

Solutions:

Verify certificate is valid and not expired
Check trust store contains the correct certificate
Ensure validateCertificate=false for self-signed certificates (not recommended for production)

Slow Connection

Symptoms: Connection takes long time to establish

Solutions:

Check network latency to SAP HANA server
Increase packet size for better throughput
Consider connection pooling settings

Best Practices

Use Dedicated Users

Create separate database users for TDK:

Different users for different environments
Minimal permissions required
Easy to audit and revoke

Secure Credentials

Store passwords securely:

Use secret managers (HashiCorp Vault, AWS Secrets Manager)
Never store plain text passwords
Rotate credentials periodically

Learn about Secret Managers →

Test Connections Before Workflows

Always test connections before creating workflows:

Use "Test Connection" button in UI
Verify read permissions on source
Verify write permissions on target

SAP HANA Connection

Overview

Connection Configuration

JDBC URL Format

Common Port Numbers

Connection Examples

Single-Container System

Multi-Tenant Database Container (MDC)

With SSL/TLS

Adding a Data Source

Via the UI

Via API

Required Permissions

Source Database (Read)

Target Database (Write)

Same-System Deployment

Connection Properties

Security Properties

Performance Properties

Example with Properties

Same-System Configuration

Workflow Wizard Behavior

Generated Configuration

SSL/TLS Configuration

Trust Store Setup

Connection String with Trust Store

Via Environment Variables

Troubleshooting

Connection Refused

Authentication Failed

Permission Denied

SSL Handshake Failed

Slow Connection

Best Practices

Use Dedicated Users

Secure Credentials

Test Connections Before Workflows

See Also