Perfect, thanks for the reply. That definitely sounds like a workable solution.
I also think I found another solution. Disabling all meaningful authentication redirection in the web.xml (having all of the <url-pattern> tags point to something meaningless within the <filter-mapping> tags for the cas authentication filter) while leaving the seraph-config.xml values intact results in almost the perfectly desired behavior. JIRA now handles all authentication detection, and so allows anonymous content to be interacted with if the content is viewable by anonymous users. Furthermore, all login links still point to the CAS site, and any content that returns an authentication error also redirects to CAS. And, lastly, interacting with any login pages (the login dialog on the landing page or directly visiting <jira URL>/login.jsp) will successfully be processed by JIRA's user login code instead of being intercepted by the CAS authentication filter (thereby allowing users to authenticate against JIRA's internal directory).