Problem is you are already including a the same dependency witha newer version I think something in the lines of this would solve it. Add it to your spring-ws-security dependency declaration.
<exclusions>
<exclusion>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
</exclusion>
</exclusions>