Previous to this commit, the remote shell security configuration
described that a default password will be generated with no extra
configuration. Actually, when Spring Security is configured for the
application, the remote shell reuses that configuration by default.

It turns out that the default log message is confusing as it was
referring to "application endpoints". Updated that log to a more
generic log message and updated doc accordingly.

Fixes gh-779