Hi Vicenzo,
This would be the scenario:
- 1 SAP UI webapp
- 1 Java App exposing oData services
- 1 HANA Native XS exposing oData services
1 - You must configure 3 apps under a web proxy (SAP Web Dispatcher, IIS, Apache Proxy, etc) if apps are not deployed on the same server / domain. Only SSO cookie stay in web http headers under the same domain. It is possible also extract the cookie manually and put into all service requests: html5 - SAPUI5 and Logon Tokens/SSO? - Stack Overflow
2 - You must configure 1 Identity Provider in order to be able to log on to your system.
3 - You must configure SSO trust between your 3 apps and Identity provider.
When you log on to IP a logon ticket is generated, then you could access to your 3 apps.
Kind regards!