diff --git a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java
index 726fa70a6b..b1d30fcd38 100644
--- a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java
+++ b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java
@@ -154,6 +154,10 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
                 return false;
             }
 
+            if (this.getKeyHash() != test.getKeyHash()) {
+                return false;
+            }
+
             return true;
         }
 
diff --git a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java
index 61f954e81d..e939aa5356 100644
--- a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java
+++ b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java
@@ -214,6 +214,28 @@ public class CasAuthenticationTokenTests extends TestCase {
         assertTrue(!token1.equals(token2));
     }
 
+    public void testNotEqualsDueToKey() {
+        List proxyList1 = new Vector();
+        proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
+
+        CasAuthenticationToken token1 = new CasAuthenticationToken("key",
+                "Test", "Password",
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                        "ROLE_TWO")}, proxyList1,
+                "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
+
+        List proxyList2 = new Vector();
+        proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check");
+
+        CasAuthenticationToken token2 = new CasAuthenticationToken("DIFFERENT_KEY",
+                "Test", "Password",
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                        "ROLE_TWO")}, proxyList2,
+                "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
+
+        assertTrue(!token1.equals(token2));
+    }
+
     public void testNotEqualsDueToProxyGrantingTicket() {
         List proxyList1 = new Vector();
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");