Documenting createAccessDeniedException() method

Updating documentation to reflect the changes added in symfony/symfony#9405.

Author: klaussilveira

book/security.rst

@@ -1072,19 +1072,21 @@ fine-grained enough in certain cases. When necessary, you can easily force
 authorization from inside a controller::
 
     // ...
-    use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 
     public function helloAction($name)
     {
         if (false === $this->get('security.context')->isGranted('ROLE_ADMIN')) {
-            throw new AccessDeniedException();
+            throw $this->createAccessDeniedException('Unable to access this page!');
         }
 
         // ...
     }
 
 .. _book-security-securing-controller-annotations:
 
+The ``createAccessDeniedException()`` method creates a special ``AccessDeniedException``
+object, which ultimately triggers a 403 HTTP response inside Symfony.
+
 Thanks to the SensioFrameworkExtraBundle, you can also secure your controller using annotations::
 
     // ...