CAS 4, which isn’t out yet, or in any condition to be used in production, now supports using JCaptcha in order to throttle attempts to discern passwords.
ForĀ better or worse, CAS3 has always used Spring Web Flow 1 even after Spring Web Flow 2 came out.
