problem validating user login using jsp

I know something is wrong:
am trying to validate user input(loginName and password).

my html code

my jsp code:

<html>
<head><title>Validate Page</title>
 
<body>
<%@ page language="java" import="java.sql.*,java.io.*" %>
<%
    String loginName = request.getParameter("user");
    String loginPassword = request.getParameter("userpassword");
    Connection conn = null;
    String userQuery = "Select * from reg_user";
    String user;
    String password;
    String userId;
    
    try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/hoteldb","root","mypassword");
        Statement stmt = conn.createStatement();
        ResultSet rs = stmt.executeQuery(userQuery);
        while (rs.next()) {
  userId = rs.getString("reg_num");
  user = rs.getString("reg_userName");
       password = rs.getString("reg_password");
   System.out.println(user +" and " + password + " retrived ");
    
if (user.equals("loginName") && password.equals("loginPassword"))
{
  System.out.println(loginName +"login in at" + new java.util.Date());
%>
  <jsp:forward page="hotelsPage.jsp" />
<%
    }//end of if block.
else {
%>
  <jsp:forward page="ErrorPage.jsp" />
<%
 } //end of else block.
       } //end of while block.
%>
<%
     } //end of try block.
     catch (ClassNotFoundException cnfe) {
  cnfe.printStackTrace();
     }
     catch (SQLException sqle) {
  sqle.printStackTrace();
     }
     catch (Exception e) {
  e.printStackTrace();
     }
%>
</body>
</html>

my sql table:

it do not work that is
(1)it can't validate the login user.
(2)it dosen't iterate inside the table to get the userName.

can somebody help me out?
thanks to you all.

Well, first of all it's bad form to have that sort of code in a JSP. Put it in a servlet, and forward to the JSP once you decide what you want to do.

And don't forward until you have decided. Your code there forwards once for every record in the table. That's a bad idea and not likely to produce the correct results. It would be better to have a Select statement with a where-clause which returns one record for a correct login and zero records for an incorrect login.

But most of all, your code here

compares the data read from the database to certain string constants instead of comparing it to the variables where you saved the request parameters.

(2)it dosen't iterate inside the table to get the userName.

does this statements print user and password or else?

or it's a good practice to always close any database connection you open within a finally block. Leaving connections open is one of the biggest sources of memory leaks in large systems.

and of course paul suggested you the best for the validation, in this way the code will be more simpler and save up yourself to write extra code.