Execute protected url with cas and spring security

First of all, excuse my English.

I have configured spring security with CAS + LDAP and everything works correctly, authentication is correct, but I have a problem. It is worrisome and a priority to solve and it is that I have a url that must be accessed from outside by another external service (Pentaho). Whether the url in the Spring configuration is allowed to be called by all without being authenticated (permitAll) or protected with hasAnyAuthority (...) authentication, the CAS login page always returns me. If I execute this same url from command line with curl and the appropriate values, same way is obtained the answer, the CAS login page.

If I activate the protected url, when accessing it from the other service, with the correct authentication data, it passes the authentication, but it takes me to the home of the application and does not execute the url indicated.

I understand that the casEntryPoint bean redirects all the url to the login form, and that once authenticated, leads to the home, but how can I make this and other url can be run with or without authentication and not redirect to login or home?.

I appreciate any help you can offer me to solve the problem.

This is my spring security configuration

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd">

<!-- 
    ESTRATEGIA DE CONFIGURACIÓN QUE PERMITE ELIMINAR EL PREFIJO ROLE_ POR DEFECTO DE SPRING
    NOTA: NO ELIMINAR.  
-->
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter">
    <property name="rolePrefix" value=""/>
</bean>

<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
    <constructor-arg >
        <list>
            <ref bean="roleVoter"/>
            <bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
            <bean class="org.springframework.security.access.vote.AuthenticatedVoter"/>
        </list>
    </constructor-arg>
</bean>

<!--  -->
<security:http entry-point-ref="casEntryPoint" use-expressions="true" 
    access-decision-manager-ref="accessDecisionManager">
    <security:csrf disabled="false"/>
    <security:custom-filter position="FIRST" ref="ajaxSessionFilter"/>
    <security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
    <security:custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />

    <!-- ACCESO SIN RESTRICCIONES -->
    <security:intercept-url pattern="/**" access="isAuthenticated()" />
    <security:intercept-url pattern="/static/**" access="isAuthenticated()"/>
    <security:intercept-url pattern="/WEB-INF/views/**" access="isAuthenticated()"/>

**<security:intercept-url pattern="/checkNewArticles" access="permitAll" />**
**<security:intercept-url pattern="/sendMessageBroker" method="GET" access="permitAll" />**

....


    <security:access-denied-handler error-page="/accessdenied"/> <!-- 403 -->

    <security:custom-filter ref="casAuthenticationFilter" after="CAS_FILTER"/>
    <security:custom-filter position="LAST" ref="loginFilter"/>

    <security:logout logout-url="${security.url.server.logout.request}"
        logout-success-url="${security.url.server.logout.request}?service=${service.base.url}"/>        

</security:http>

<bean id="casServiceProperties" class="org.springframework.security.cas.ServiceProperties"
    p:service="${service.base.url}"
    p:sendRenew="false" p:authenticateAllArtifacts="true" />

<bean id="casEntryPoint"
    class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"
    p:serviceProperties-ref="casServiceProperties" p:loginUrl="${pso.cas.server.base.url}/login" />

<bean id="ajaxSessionFilter" class="com.psoplaneta.services.security.filters.AjaxSessionFilter">    
    <property name="homePage" value="${pso.cas.server.base.url}/login"/>
</bean>

<bean id="loginFilter" class="com.psoplaneta.services.security.filters.PSOLoginFilter"> 
    <property name="errorPage" value="${service.base.url}/403"/>
    <property name="loginPage" value="${pso.cas.server.base.url}/login"/>
</bean>


<bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"
    p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage"
    p:proxyReceptorUrl="/login/cas/proxyreceptor"
    p:serviceProperties-ref="casServiceProperties"
    p:authenticationManager-ref="authenticationManager">
    <property name="authenticationFailureHandler">
        <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
            <property name="defaultFailureUrl" value="/casfailed"/>
        </bean>
    </property>
    <property name="authenticationSuccessHandler">
         <bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"> 
         </bean> 


    </property>
    <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
</bean>

<bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />

<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>

<!-- This filter redirects to the CAS Server to signal Single Logout should be performed -->
<bean id="requestSingleLogoutFilter"
    class="org.springframework.security.web.authentication.logout.LogoutFilter"
    p:filterProcessesUrl="/j_spring_cas_security_logout">
    <constructor-arg value="${pso.cas.server.base.url}/logout" />
    <constructor-arg >
        <bean
            class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
    </constructor-arg>
</bean>

<!-- This filter handles a Single Logout Request from the CAS Server -->
<bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/>

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider ref="casAuthenticationProvider"/>
</security:authentication-manager>

<bean id="casAuthenticationProvider"
    class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
    p:key="casAuthProviderKey"
    p:serviceProperties-ref="casServiceProperties">
    <property name="authenticationUserDetailsService">
        <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <constructor-arg ref="userDetailService" />
        </bean>
    </property>
    <property name="ticketValidator">
        <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"
            p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage">
            <constructor-arg index="0" value="${pso.cas.server.base.url}" />
        </bean>
    </property>
</bean>

<bean id="userDetailService" class="com.psoplt.services.security.userdetails.PSOUserDetailsService"/>