Update Spring Cloud Common Security + Polish Docs

ghillert · ghillert · commit 3e37f74abd47 · 2019-03-05T18:20:56.000-10:00
* Update Spring Cloud Common Security to `1.1.2.RELEASE`
* Minor polishing of security section of the docs
diff --git a/pom.xml b/pom.xml
@@ -55,7 +55,7 @@
 		<spring-cloud-scheduler-kubernetes.version>1.0.0.RELEASE</spring-cloud-scheduler-kubernetes.version>
 		<spring-cloud-scheduler-cloudfoundry>1.0.1.RELEASE</spring-cloud-scheduler-cloudfoundry>
 
-		<spring-cloud-common-security-config.version>1.1.1.RELEASE</spring-cloud-common-security-config.version>
+		<spring-cloud-common-security-config.version>1.1.2.RELEASE</spring-cloud-common-security-config.version>
 
 		<spring-shell.version>1.2.0.RELEASE</spring-shell.version>
 		<commons-io.version>2.4</commons-io.version>
diff --git a/spring-cloud-dataflow-docs/src/main/asciidoc/configuration-local.adoc b/spring-cloud-dataflow-docs/src/main/asciidoc/configuration-local.adoc
@@ -741,7 +741,7 @@ $ cd uaa/
 $ ./gradlew  run
 ----
 
-In a separate window, check if the UAA server is running:
+IMPORTANT: The UAA requires *Java 8*.
 
 The configuration of the UAA is driven by a
 https://github.com/cloudfoundry/uaa/blob/develop/uaa/src/main/resources/uaa.yml[uaa.yml]
@@ -857,7 +857,7 @@ security:
     client:
       client-id: app
       client-secret: dataflow
-      scope: openid, dataflow.view, dataflow.create, dataflow.manage    # <1>
+      scope: openid                                                     # <1>
       access-token-uri: http://localhost:8080/uaa/oauth/token
       user-authorization-uri: http://localhost:8080/uaa/oauth/authorize
     resource:
@@ -866,7 +866,7 @@ security:
 ----
 
 <1> If you use scopes to identify roles, please make sure to also request
-the relevant roles
+the relevant scopes, e.g `dataflow.view`, `dataflow.create` etc.
 <2> Used to retrieve profile information, e.g. username for display purposes (mandatory)
 <3> Used for token introspection and validation (mandatory)
 
