java - Endless loop of redirection to changePassword page in spring security -

i assigned task of implementing force reset password page our application? new spring , spring security, have implemented force reset logic using custom filter. changepassword page caught in endless loop, dont know why?

securitycontext.xml

<http auto-config='true' use-expressions="true" access-decision-manager-ref="webaccessdecisionmanager">         <intercept-url pattern="/**" access="isauthenticated()" />         <intercept-url pattern="/changepassword.*"  access="hasrole('role_changepassword')"/>         <form-login always-use-default-target="true"             login-page="/login.jsp"             default-target-url="/home_director.do"             authentication-failure-url="/login.jsp?error=authfail"             authentication-success-handler-ref="loginsucesshandler"              />         <logout logout-url="/logout"             logout-success-url="/login.jsp"             invalidate-session="true"/>         <session-management invalid-session-url="/login.jsp?error=invalidsession" />         <access-denied-handler error-page="/login.jsp?error=1"/>         <custom-filter ref="switchuserprocessingfilter" position="switch_user_filter"/>         <custom-filter ref="userresetpasswordcheckfilter" position="last"/>     </http>      <beans:bean id="userresetpasswordcheckfilter" class="com.statschedules.fo.spring.security.userresetpasswordcheckfilter"> 

userresetpasswordfilter.java inside dofilter check whether user's password has expired or not , use

response.sendredirect(response.encoderedirecturl(request.getcontextpath()+"/changepassword.jsp"));  changepasswordcontroller.java @controller("/changepassword") public class changepasswordcontroller {     public static logger log = loggerfactory.getlogger(changepasswordcontroller.class);     @autowired     protected passwordencoder passwordencoder;     @autowired     protected userdao userdao;     @autowired     protected userdetailsservice userdetailsservice;      @requestmapping("/changepassword.jsp")     public void changepassword(httpservletrequest request,          httpservletresponse response,         @requestparam(value = "newpassword") string newpassword) throws exception {          user user = (user)securitycontextholder.getcontext().getauthentication().getprincipal();         string encryptedpassword = passwordencoder.encode(newpassword);         if(true){//put user id or name of user password has changed             user = userdao.getuser(1231);             user.setpassword(encryptedpassword);             userdao.updatepassword(user);         }         string username = "clinic1admin";         userdetails updateduser = userdetailsservice.loaduserbyusername(username);         collection<? extends grantedauthority> orig = updateduser.getauthorities();         usernamepasswordauthenticationtoken targetuserrequest = new usernamepasswordauthenticationtoken(updateduser, updateduser.getpassword(), orig);         securitycontextholder.getcontext().setauthentication(targetuserrequest);         response.sendredirect("/home_director.do");     }  } 

i have placed changepassword.jsp file inside webapp directory along login.jsp , index.html can wrong in code? have been struggling problem since last couple of days, please, please me oout