SEC-2175: Correct XSD docs on auto-config.

config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc

@@ -292,7 +292,7 @@ http.attlist &=
     ## Allows a RequestMatcher instance to be used, as an alternative to pattern-matching.
     attribute request-matcher-ref { xsd:token }?
 http.attlist &=
-    ## Automatically registers a login form, BASIC authentication, anonymous authentication, logout services, remember-me and servlet-api-integration. If set to "true", all of these capabilities are added (although you can still customize the configuration of each by providing the respective element). If unspecified, defaults to "false".
+    ## A legacy attribute which automatically registers a login form, BASIC authentication and a logout URL and logout services. If unspecified, defaults to "false". We'd recommend you avoid using this and instead explicitly configure the services you require.
     attribute auto-config {xsd:boolean}?
 http.attlist &=
     use-expressions?

config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd

@@ -746,7 +746,7 @@
     </xs:attribute>
     <xs:attribute name="auto-config" type="xs:boolean">
       <xs:annotation>
-        <xs:documentation>Automatically registers a login form, BASIC authentication, anonymous authentication, logout services, remember-me and servlet-api-integration. If set to "true", all of these capabilities are added (although you can still customize the configuration of each by providing the respective element). If unspecified, defaults to "false".</xs:documentation>
+        <xs:documentation>A legacy attribute which automatically registers a login form, BASIC authentication and a logout URL and logout services. If unspecified, defaults to "false". We'd recommend you avoid using this and instead explicitly configure the services you require.</xs:documentation>
       </xs:annotation>
     </xs:attribute>
     <xs:attribute name="use-expressions" type="xs:boolean">