Tweak docs on /health endpoint to reflect secure/sensitive

Fixes gh-2816

spring-boot-docs/src/main/asciidoc/production-ready-features.adoc

@@ -86,7 +86,7 @@ The following endpoints are available:
 |true
 
 |`health`
-|Shows application health information (a simple '`status`' when accessed over an
+|Shows application health information (when the application is secure, a simple '`status`' when accessed over an
 unauthenticated connection or full message details when authenticated).
 |false
 
@@ -157,8 +157,8 @@ For example, the following will disable _all_ endpoints except for `info`:
 Health information can be used to check the status of your running application. It is
 often used by monitoring software to alert someone if a production system goes down.
 The default information exposed by the `health` endpoint depends on how it is accessed.
-For an insecure unauthenticated connection a simple '`status`' message is returned, for a
-secure or authenticated connection additional details are also displayed (see
+For an unauthenticated connection in a secure application a simple '`status`' message is 
+returned, and for a authenticated connection additional details are also displayed (see
 <<production-ready-health-access-restrictions>> for HTTP details).
 
 Health information is collected from all
@@ -507,16 +507,30 @@ If you don't want to expose endpoints over HTTP you can set the management port
 [[production-ready-health-access-restrictions]]
 === HTTP health endpoint access restrictions
 The information exposed by the health endpoint varies depending on whether or not it's
-accessed anonymously. By default, when accessed anonymously, any details about the
+accessed anonymously, and whether or not the enclosing application is secure. 
+By default, when accessed anonymously in a secure application, any details about the
 server's health are hidden and the endpoint will simply indicate whether or not the server
 is up or down. Furthermore, when accessed anonymously, the response is cached for a
 configurable period to prevent the endpoint being used in a denial of service attack.
 The `endpoints.health.time-to-live` property is used to configure the caching period in
 milliseconds. It defaults to 1000, i.e. one second.
 
-The above-described restrictions can be disabled, thereby allowing anonymous users full
-access to the health endpoint. To do so, set `endpoints.health.sensitive` to `false`.
+The above-described restrictions can be enhanced, thereby allowing only authenticated users full
+access to the health endpoint in a secure application. To do so, set `endpoints.health.sensitive` to `true`.
+Here's a summary of behaviour (with default `sensitive` flag value "false" indicated in bold):
 
+|====
+|Secure | Sensitive | Unauthenticated behaviour | Authenticated behaviour
+
+|    false  |  **false**       |    Full content   | Full content 
+
+|    false  |  true        |    Status only    | Full content
+
+|    true   |  **false**       |    Status only     | Full content
+
+|    true   |  true        |    No content     | Full content
+
+|====
 
 
 [[production-ready-jmx]]