diff --git a/wiki/auth/cas.py b/wiki/auth/cas.py
index 0e331b0b..12f50580 100644
--- a/wiki/auth/cas.py
+++ b/wiki/auth/cas.py
@@ -43,6 +43,7 @@ class PyCAS(object):
         url = self.server_url + self.logout_path
         if redirect_url:
             url += '?url=' + urllib.quote_plus(redirect_url)
+            url += '&service=' + urllib.quote_plus(redirect_url)
         return url
 
     def validate_url(self, service, ticket):
@@ -78,12 +79,13 @@ class CASAuth(BaseAuth):
     def request(self, request, user_obj, **kw):
         ticket = request.args.get("ticket", "")
         action = request.args.get("action", "")
+        force = request.args.get("force", None) is not None
         logoutRequest = request.args.get("logoutRequest", [])
         p = urlparse.urlparse(request.url)
         url = urlparse.urlunparse(('https', p.netloc, p.path, "", "", ""))
 
         # authenticated user
-        if user_obj and user_obj.valid:
+        if not force and user_obj and user_obj.valid:
             return user_obj, True
 
         # anonymous
@@ -102,7 +104,7 @@ class CASAuth(BaseAuth):
                 else:
                     u.valid = u.exists()
                 if self.fallback_url and not u.valid:
-                    request.http_redirect(self.fallback_url)
+                    request.http_redirect("%s?action=%s&wiki_url=%s" % (self.fallback_url, self.action, url))
                 return u, True
 
         # login