see if you can detect the hash in java to redirect to CAS, and handle question mark for deep urls as well.