Ok I'm trying to wrap my head around every way someone could breach my program.
Say the program is a classic stand alone three tier but I'm focused mainly on the authentication and connection between the client and server applications not the database.
Hopefully I've thought of them all but so far I've come up with the following.
Learning the server end by reading the client side application signatures.
Intercepting raw network packets. (including all the ways related)
Breaching the client or server machines via network.
Stealing a client's login information.
It seems simple so I ask should I be concerned with any other methods?
The people themselves (using the application) need to be educated enough to not do idiotic things like leaving browsers open and unattended and such. The biggest security hole you have is the people with authorization using the system.
Of course that shouldn't really be your concern, you should be dealing with the software part of security which is a lot more straightforward (use proper authentication techniques, apply encryption, etc.). Your question doesn't really have anything to do with Java programming.
> It seems simple so I ask should I be concerned with any other methods?
They steal your login information. Or you just give it to them because they seem legitimate. Or someone at your company does so.
They break into or just walk into the physical location of the server, and start messing with it. Or put it on a dolly and roll it out the door and mess with it at their leisure at some other location.
The client leaves the machine logged in for "just a second" as they run an errand and someone messes with the app.
They reconfigure the app to use their database not yours.
They steal the code, analyze it, and find a hole.