I see 2 issues. First the select statement. How can you get data without a WHERE clause? Second issue, the checking of user name and password: you are using "==" which should have been equals(). The "==" check whether the object is the same in memory rather than the content. You want to check the content here.
Leaving aside's Bear's point about a 404 error being nothing to do with the JDBC stuff, you also need to think about what you are doing in your query. You appear to be checking to see if a particular user exists with a specified password in your user table. But you should not simply fetch all the records and check each one. That approach is inefficient and insecure as it means you have to fetch every user - and their stored password - across your network into your Java server and check if it matches the specified user. Instead you should simply ask the database to do this check for you, with a query like:
You would need to adapt this for your database and data model, but this approach means you only send one password across the network, and you never fetch any passwords out of the database at all. It also means you only need to return one value - the user ID - from the database for one row i.e. the record that matches your user. If no record is found, then you know the username/password do not exist in the database table