One popular trend is when the software checks license validity on startup (or regularly) with the central server. This way you can revoke a compromised license. There are probably a number of services that will manage these licenses for you, I saw Esellerate used.
At the same time, any protection you add to your Java app can be easily reverse-engineered or simply overloaded, unless you go to great lengths obfuscating and securing the code. It is a very hard task and the results may not be worth the effort.
Some companies (e.g. one where I work) do not go to great lengths beyond basic license generation/verification code. A combination of trusting customers honesty and providing support only to valid license holders works well.