diff --git a/pom.xml b/pom.xml
index 6721b3607cacf6e83086aaea4614b844c573fbc9..76471db768fac6521fd20ccbd9fc4e1b549277f9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -8,7 +8,7 @@
 
 	<properties>
 		<org.springframework-version>4.1.6.RELEASE</org.springframework-version>
-		<org.springframework.security-version>3.2.7.RELEASE</org.springframework.security-version>
+		<org.springframework.security-version>4.0.1.RELEASE</org.springframework.security-version>
 		<org.springframework.integration-mail-version>4.1.3.RELEASE</org.springframework.integration-mail-version>
 		<com.fasterxml.jackson-version>2.5.3</com.fasterxml.jackson-version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
diff --git a/src/main/java/de/thm/arsnova/config/SecurityConfig.java b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
index c6bc56c378580ae33681fbb8519d063a68b18453..76a5b047af7bd9615457edc40f32fc0860457224 100644
--- a/src/main/java/de/thm/arsnova/config/SecurityConfig.java
+++ b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
@@ -117,10 +117,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter implements Serv
 		http.exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint());
 		http.csrf().disable();
 		http.headers()
-			.cacheControl()
-			.contentTypeOptions()
-			.frameOptions()
-			.xssProtection()
 			.addHeaderWriter(new HstsHeaderWriter(false));
 
 		if (casEnabled) {
@@ -295,7 +291,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter implements Serv
 	@Bean
 	public ServiceProperties casServiceProperties() {
 		ServiceProperties properties = new ServiceProperties();
-		properties.setService(rootUrl + servletContext.getContextPath() + "/j_spring_cas_security_check");
+		properties.setService(rootUrl + servletContext.getContextPath() + "/login/cas");
 		properties.setSendRenew(false);
 
 		return properties;