? is bind parameter- it is like variable in java, if you use it within quotes, database treats it as literal string.
Similary in java if you put the variable name inside double quotes, compiler doesn't see it, like in this example:
Jan is correct, you just need to use the wildcards in the variable you pass to the preparedstatement. Keep in mind, though, that wild cards are not required with LIKE clauses. For example putting a wildcard only at the end of a query finds all matches that start with the word.