Check your login and password (Java Web, Servlets)

Question

I'm trying to verify that the user name and password entered in the JSP page with data from a database, all the parameters are coming, but even when matching data, the function returns false. What is my fault?

Here is my code:

public class LoginService {
    public boolean loginCheck(String username, String password){
        String query;
        String dbUsername, dbPassword;
        boolean login = false;

        try {
            Class.forName("com.mysql.jdbc.Driver").newInstance();
            Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/blog_u", "root", "root");
            Statement stmt = (Statement) con.createStatement();
            query = "SELECT username, password FROM user;";
            stmt.executeQuery(query);
            ResultSet rs = stmt.getResultSet();

            while(rs.next()){
                dbUsername = rs.getString("username");
                dbPassword = rs.getString("password");

                if(dbUsername == username && dbPassword == password){
                    System.out.println("OK");
                    login = true;
                }
                System.out.println(username + password + " " + dbUsername + dbPassword);
            }
        } catch (InstantiationException e) {
            e.printStackTrace();
        } catch (IllegalAccessException e) {
            e.printStackTrace();
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return login;
    }
}

Answer 1

if(dbUsername == username && dbPassword == password){

should change to

if(dbUsername.equals(username) && dbPassword.equals(password)){

Strings shouldn’t be compared using == in java. See How do I compare strings in Java?.