Leaving aside's Bear's point about a 404 error being nothing to do with the JDBC stuff, you also need to think about what you are doing in your query. You appear to be checking to see if a particular user exists with a specified password in your user table. But
you should not simply fetch all the records and check each one. That approach is inefficient and insecure as it means you have to fetch every user - and their stored password - across your network into your
Java server and check if it matches the specified user. Instead you should simply ask the database to do this check for you, with a query like:
You would need to adapt this for your database and data model, but this approach means you only send one password across the network, and you never fetch any passwords out of the database at all. It also means you only need to return one value - the user ID - from the database for one row i.e. the record that matches your user. If no record is found, then you know the username/password do not exist in the database table
And if you're going to use a database,
learn some SQL.