Secure way for database calls between client-side and server-side in JAVA & Servlet?
i am builds a java chat application , based on Java Secure Sockets and JavaFX and use Derby Database on the server side to record the members in the database ,
My Question is , how i make a secure connection between the Client Side Applet and the Server Side ? instead of the direct connection to the remote database from the client side to the server side ?
i had an idea to use Servlet as a Remote API , and calling it from the client side , and tell it the command to run it in the remote database on the server ?
Is this method Safe and Secure ? but i am worry about that may a bad people try to fetch the API URL , and try to call it badly and add wrong records to the database without needs to login the client-side application and try to hack the database ? so how i secure my self from this matter ? with notice that the client-side Application may be installed in many computers , so don't tell me to secure the API by determine the remote IP which capable to connect via the API :)
And if there are any other more secure methods please tell me
Thank you ,