I use spring security with the CAS client and I have an app that is deployed with a wild card domain. Users are given a subdomain to reach their services. So if my username is foo, I would reach my area by accessing foo.example.com. Another user named bar accesses their area at bar.example.com.
With spring 2.5.6, I implemented this by subclassing ServiceProperties and using the RequestContextHolder to get access to the request information. In my subclass, getService() builds and returns the service identifier with the matching subdomain so that the user would get redirected back to the right place with the right session after signing in with CAS.
In spring 3.0.0, all methods are marked final preventing me from making my dynamic ServiceProperties. I know I can get around this by subclassing the CasAuthenticationProvider and CasEntryPoint, but that seems a little dumb considering I would just be swapping the regular ServiceProperties with my own. So I'm hoping that you will just remove the final markers...