I am trying to get spring-security 3.0.3 running with CAS (I am new to it). I am getting the following:
2011-12-15 10:17:23.496:INFO:/apudt:Initializing Spring root WebApplicationContext
2011-12-15 10:17:24.324:WARN::Failed startup of context org.mortbay.jetty.plugin.Jetty6PluginWebAppContext @a998c1{/apudt,C:\Documents and Settings\me6004\workspace\apu_dt\src\main\webapp}
org.springframework.beans.factory.xml.XmlBeanDefin itionStoreException: Line 12 in XML document from class path resource [apu-dt-security_local.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'sec:http'.

Any thoughts? It looks like for some reason it is not finding the .xsd in the spring-security-config.jar to correctly parse my security_local. properties file. I googled the error, and Spring forums say that the cvc-complex-type error is usually because the .jar is not on the classpath. My build path in Eclipse which clearly shows the spring-security-config jar. I am stuck, so would appreciate any help (FYI, Eclipse seems able to parse the .xml file at design time just fine). Also, here is a copy of my spring-security.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:sec="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util" xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd
http://www.springframework.org/schema/security/
http://www.springframework.org/schem...rity-3.0.3.xsd http://www.springframework.org/schema/util
http://www.springframework.org/schem...g-util-2.0.xsd http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">

<!-- http element encapsulates security configuration for web layer -->
<!-- Define customized CAS bean which starts authentication process -->
<sec:http entry-point-ref="casProcessingFilterEntryPoint">
<!-- Secure URLs based on roles, rules applied top to bottom first match -->
<sec:intercept-url pattern="/**"
access="ROLE_APU_DT_IQR_view,ROLE_APU_DT_IQR_view_ update,ROLE_APU_DT_IQR_view_approve,ROLE_APU_DT_OQ R_view,ROLE_APU_DT_OQR_view_update,ROLE_APU_DT_OQR _view_approve"
requires-channel="any"/>
<secort-mappings>
<secort-mapping http="8080" https="8443"/>
</secort-mappings>
<!-- add a special CAS filter to the security filter stack -->
<sec:custom-filter after="CAS_FILTER" ref='casAuthenticationFilter'/>
<!-- Invalidate http session on logout -->
<sec:logout/>
</sec:http>

<!-- Must include this element, registers the AuthenticationManager which provides authentication services-->
<sec:authentication-manager alias="authenticationManager">
<!-- add CAS authenticationProvider implementation to manager's list -->
<sec:authentication-provider ref='casAuthenticationProvider'/>
</sec:authentication-manager>
<!-- Service Layer Security, secure methods on Spring Security beans via @Secure -->
<sec:global-method-security secured-annotations="enabled" access-decision-manager-ref="httpRequestAccessDecisionManager">
<!-- Define any AspectJ required pointcut expressions here -->
</sec:global-method-security>

<!-- Monitors service URL and processes a CAS service ticket into a token-->
<bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAut henticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<!-- <property name="authenticationFailureUrl" value="/errors/authenticationErrorPg.do"/> -->
<property name="defaultTargetUrl" value="/home.action"/>
<!-- Redirect to originally-requested page (not defaultTargetUrl) -->
<property name="alwaysUseDefaultTargetUrl" value="false" />
</bean>

<!-- Integrates with CAS to validate token and user details loading -->
<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentica tion">
<!-- Loads authorities for a user, once authenticated by CAS -->
<property name="userDetailsService" ref="ifmcUserDetailsService"/>
<property name="ticketValidator">
<!-- CAS client library makes HTTPs request to CAS Server to validate service ticket -->
<bean class="org.jasig.cas.client.validation.Cas20Servic eTicketValidator">
<!-- CAS Server URL for token (ticket) validation -->
<constructor-arg index="0" value="${security.qcas2Validate}" />
</bean>
</property>
<property name="statelessTicketCache" ref="statelessTicketCache"/>
<property name="serviceProperties" ref="serviceProperties" />
<!-- key used within CAS to distinguish the different client apps -->
<property name="key"><value>apudt_password_for_this_auth_pro vider_only</value></property>
</bean>

<!-- Caching Config -->
<!-- this bean injected into CasAuthenticationProvider; caches service tickets -->
<bean id="statelessTicketCache" class="org.springframework.security.cas.authentica tion.EhCacheBasedTicketCache">
<property name="cache" ref="ticketCacheBackend"/>
</bean>

<bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFa ctoryBean">
<property name="cacheManager" ref="cacheManager"/>
<property name="cacheName" value="ticketCache"/>
</bean>

<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheMa nagerFactoryBean">
<property name="configLocation">
<!-- below file in ehcache.jar file uses default cache settings -->
<value>classpath:/ehcache-failsafe.xml</value>
</property>
</bean>

<!-- Commence authentication via CAS, redirect browser to enterprise-wide login page -->
<bean id="casAuthenticationEntryPoint" class="org.springframework.security.cas.web.CasAut henticationEntryPoint">
<property name="loginUrl" value="${security.loginUrl}"/>
<property name="serviceProperties" ref="serviceProperties"/>
</bean>

<!-- This service monitored by CASAuthenticationFilter -->
<!-- Callback URL for Spring security service -->
<bean id="serviceProperties" class="org.springframework.security.cas.ServicePro perties">
<property name="service"><value>${apudt.security.serviceLoca tion}</value></property>
<!-- Tell CAS Server single sign-on acceptable -->
<property name="sendRenew"><value>false</value></property>
</bean>

<!-- ================================================== ================= -->
<!-- Application Specific Config -->
<!-- ================================================== ================= -->
<!-- Custom service for loading user details via accessing OARS -->
<bean id="ifmcUserDetailsService" class="gov.hhs.cms.ocsq.hospital.apudt.security.If mcUserDetailsService">
<property name="rolesLookup" ref="rolesLookupMap"/>
<property name="system" value="QualityNet"/>
<property name="application" value="APU_DT"/>
<property name="realm" value="OARS"/>
<property name="authorizationServiceUrl" value="${authservice.authorizationServiceUrl}"/>
<property name="authenticationServiceUrl" value="${authservice.authenticationServiceUrl}"/>
</bean>

<bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.B asicProcessingFilterEntryPoint">
<property name="realmName"><value>Program Management</value></property>
</bean>
<!-- Bean to make decisions on Spring method-based security -->
<!-- Denies access only if there is deny vote -and- no affirmative votes -->
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.Affirmati veBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
<ref bean="authVoter"/>
</list>
</property>
</bean>

<bean id="roleVoter" class="org.springframework.security.vote.RoleVoter " />
<bean id="authVoter" class="org.springframework.security.vote.Authentic atedVoter" />

<!-- Need to prefix user roles with "ROLE" to indicate role-based Spring security check -->
<util:map id="rolesLookupMap">
<entry key="APU_DT_IQR_view" value="ROLE_APU_DT_IQR_view"/>
<entry key="APU_DT_IQR_view_update" value="ROLE_APU_DT_IQR_view_update"/>
<entry key="APU_DT_IQR_view_approve" value="ROLE_APU_DT_IQR_view_approve"/>
<entry key="APU_DT_OQR_view" value="ROLE_APU_DT_OQR_view"/>
<entry key="APU_DT_OQR_view_update" value="ROLE_APU_DT_OQR_view_update"/>
<entry key="APU_DT_OQR_view_approve" value="ROLE_APU_DT_OQR_view_approve"/>
</util:map>
</beans>