After authenticate user by CAS, when the user has no permission or can't be find at Magnolia user managers then you get into infitive loop.

The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

1. CAS authenticates the user and redirects the user back to Magnolia
2. User has no permission or can't be authenticate against Magnolia (user doesn't exist in user managers, user is disabled, etc.) then Magnolia redirect back to CAS login page
3. User is already authenticate on CAS. So CAS redirect the user again back to Magnolia