I use @Secured with a custom AccessDecisionVoter checking if a user is logged in. If the user is not logged in I only want to redirect to the login page. Currently it is not possible to do this without creating a message in the FacesContext.
As discussed with Gerhard, a simple solution for this would be an optional SecurityViolationHandler. If there is a bean for this type, it is used to handle SecurityViolation instances created in the voter. If not, the default behavior (adding messages to the facesContext) should be used.