The security is tied to the database connection. The primary reason for this is so that you can use an application-specific database-user to help limit and properly define the security for that application.
The intention is that for multiple applications you would create multiple database accounts (e.g. appHR, appCRM, appFinanceAudit, etc...) with each account focused on the needs for that application. This is true even if all of the applications are in exactly the same database and use some common tables.
Not only does that improve the application security, but it also means that dbFront has to load and manage fewer database objects per application.
Using a single database connection for multiple applications seems more efficient but it has the potential to create problems with separation of concerns, performance and security.
For those reasons I have decided to skip this request.
