/**
     *  @return true  if userName already exists in database AND the
     *                corresponding password in the database matches
     *                the password parameter
     **/
    public boolean matchPassword(String userName, String password)
    throws SignOnDAOFinderException,
    InvalidPasswordException{

        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            conn = DAOUtils.getDBConnection(JNDINames.SIGNON_DATASOURCE);
            ps = conn.prepareStatement(MATCH_PASSWORD_SELECT_QUERY_STR);
            ps.setString(1, userName.trim());
            rs = ps.executeQuery();
            if(rs.next()) {
                if(!rs.getString(1).equals(password)) {
                    throw new InvalidPasswordException("Password does not match");
                }
            } else {
                throw new SignOnDAOFinderException("Unable to find user " +
                userName);
            }
        } catch (SQLException se) {
            throw new DAOSystemException(se);
        } finally {
            DAOUtils.closeResultSet(rs);
            DAOUtils.closeStatement(ps);
            DAOUtils.closeConnection(conn);
        }
        return(true);
    }