数据库设计、User实体类、用户登录页面、登录成功页面、登录失败页面同上一个手记，有兴趣可以查阅
更新部分：UserDao业务逻辑类、DBUtil数据库工具类、登录验证页面

代码部分
1.UserDao业务逻辑类

package dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import db.DBUtil;
import entity.User;

public class UserDao {
    private static Connection conn;
    private static PreparedStatement pstt;
    private static ResultSet rs;
    private static String sql;

    /**
     * 给定User对象 通过用户名查询密码是否匹配
     * @param user
     * @return
     */
    public boolean queryUserByName(User user) {
        boolean query = false;
        conn = DBUtil.getConn();
        sql = "SELECT password FROM tb_user WHERE userName = ?";
        try {
            pstt = conn.prepareStatement(sql);
            pstt.setString(1, user.getUserName());
            rs = pstt.executeQuery();
            if (rs.next()) {
                String password = rs.getString("password");
                if (password.equals(user.getPassword())) {
                    query = true;
                }else {
                    query = false;
                }
            }           
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            DBUtil.queryClose(rs, pstt, conn);
        }
        return query;
    }
}

2.DBUtil数据库工具类

package db;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

/**
 * 连接数据库准备工作
 * @author SsssZzzz
 *
 */
public class DBUtil {
    private static final String DBDriver = "com.mysql.jdbc.Driver";
    private static final String URL = "jdbc:mysql://localhost:3306/db_users"
            + "?useUnicode=true&characterEncoding=utf8&useSSL=false";
    private static final String USER = "root";
    private static final String PASSWORD = "fyz123456";
    private static Connection conn = null;
    static{
        try {
            Class.forName(DBDriver);
            conn = DriverManager.getConnection(URL, USER, PASSWORD);
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * 获取数据库链接
     * @return
     */
    public static Connection getConn() {
        return conn;
    }
    /**
     * 向数据库插入数据后关闭资源
     * @param pstt
     * @param conn
     */
    public static void addClose(PreparedStatement pstt, Connection conn) {
        try {
            if (!pstt.isClosed()) {
                pstt.close();
            }
            if (!conn.isClosed()) {
                conn.close();
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
    /**
     * 查询数据后关闭资源
     * @param rs
     * @param pstt
     * @param conn
     */
    public static void queryClose(ResultSet rs, PreparedStatement pstt, Connection conn) {
        try {
            if (!rs.isClosed()) {
                rs.close();
            }
            if (!pstt.isClosed()) {
                pstt.close();
            }
            if (!conn.isClosed()) {
                conn.close();
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

3.登录验证页面

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<jsp:useBean id="user" class="entity.User" scope="page"></jsp:useBean>
<jsp:useBean id="userDao" class="dao.UserDao" scope="page"></jsp:useBean>
<jsp:setProperty property="*" name="user"/>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
    if(userDao.queryUserByName(user)){
        session.setAttribute("userName", user.getUserName());
        request.getRequestDispatcher("success.jsp").forward(request, response);
    }else{
        response.sendRedirect("failure.jsp");
    }
%>

总结
通过Model1设计模式，将验证的业务逻辑封装到UserDao中，将数据库连接代码封装到DBUtil工具类中。登录验证页面的代码得到精简。实现控制层和业务逻辑的分离，提高了代码的可重用性和可扩展性。