Here i am using spring security 3.x and need to integrate with JA-SIG CAS server, I can login CAS server through https://localhost:8443/cas/login, but after integrated with spring security, i can not redirect my login page to CAS login. Everytime start up tomcat and there is a scene i can see CAS login page which has a blue background and it soon redirect to my application login page, and i don't know why, hope someone can take me out, thank you in advance. Here is my spring security configuration:

<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
        <property name="service" value="http://localhost:8082/dna/j_spring_cas_security_check" />
        <property name="sendRenew" value="false" />
    </bean>
    <!-- hook up cas entry point -->
    <bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter">
        <constructor-arg ref="casEntryPoint" />
    </bean>
    <bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
        <property name="authenticationUserDetailsService">
            <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
                <constructor-arg ref="myUserDetailsService" />
            </bean>
        </property>
        <property name="serviceProperties" ref="serviceProperties" />
        <property name="ticketValidator">
            <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
                <constructor-arg index="0" value="http://localhost:8080/cas/" />
            </bean>
        </property>
        <property name="key" value="casAuthProviderKey" />
    </bean>
    <bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManager" />
    </bean>
    <bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
        <property name="loginUrl" value="http://localhost:8080/cas/login" />
        <property name="serviceProperties" ref="serviceProperties" />
    </bean>
    <bean id="singleLogoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
        <constructor-arg value="http://localhost:8080/cas/logout" />
        <constructor-arg>
            <bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
        </constructor-arg>
        <property name="filterProcessesUrl" value="/j_spring_cas_security_logout" />
    </bean>

    <bean id="authenticationSuccessHandler" class="com.gooalgene.common.handler.AuthenticationSuccessHandlerImpl">
        <property name="defaultTargetUrl" value="/dna/index" />
    </bean>
    <sec:http auto-config='false' use-expressions="true" entry-point-ref="casEntryPoint">

        <sec:intercept-url pattern="/managerPage" access="hasRole('ROLE_ADMIN')" />
        <sec:intercept-url pattern="/**" access="hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')" />
        <sec:form-login authentication-success-handler-ref="authenticationSuccessHandler"
                        authentication-failure-handler-ref="authenticationFailureHandler"/>
        <sec:access-denied-handler error-page="/403" />
        <sec:custom-filter ref="casFilter" position="CAS_FILTER" />
        <sec:custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />
        <sec:custom-filter ref="filterSecurityInterceptor" before="FILTER_SECURITY_INTERCEPTOR" />
    </sec:http>
    <bean id="builder" class="com.gooalgene.common.security.JdbcRequestMapBuilder">
        <property name="dataSource" ref="dataSource" />
        <property name="resourceQuery"
                        value="SELECT rc.res_string, r.name FROM resc rc, role r, role_resc rr WHERE r.id = rr.role_id AND rc.id = rr.resc_id" />
    </bean>

    <bean id="accessDecisionManager" class="com.gooalgene.common.security.MyAccessDecisionManager" />

    <sec:authentication-manager alias="authenticationManager">
        <sec:authentication-provider ref="casAuthenticationProvider" />
    </sec:authentication-manager>

    <bean id="securityMetadataSource" class="com.gooalgene.common.security.MyFilterInvocationSecurityMetadataSource">
        <property name="builder" ref="builder" />
    </bean>

    <bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
        <property name="accessDecisionManager" ref="accessDecisionManager" />
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="securityMetadataSource" ref="securityMetadataSource" />
    </bean>

Here is my current framework info:

  1. CAS server version: 5.0.8
  2. Spring Security version: 3.1.3.RELEASE
  3. Spring MVC version: 4.3.9.RELEASE

Comment From: eleftherias

By using <sec:form-login> you are enabling Form Login. This is taking precedence over the CAS login entry point. If you do not with to use Form Login, you can remove that section. In the future, please ask these types of questions on Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements.