I need to call a Web Method on an API I am using, and will locate this call to the API, on the server side, so that the API keys can be hidden. But, I still need to make A call from the client, and could make a wrapper function which implements my own security, then calls to the API securely.
I mean it is a common construction to work with a middle tier, imagine all databases applications will do that. The end user coomunicates to a web service and the webservice controls access to lower shells. The only point you have to take into account is, where the middel tier is executed, as java is (usually) a client executed language while others like php or aspx or executed on the server. So you have to make sure that your java codes (at leas the middle tier) runs on the server to be invisible by the client.