<sec:authorize access="hasRole('supervisor')"> This content will only be visible to users who have the "supervisor" authority in their list of GrantedAuthoritys. </sec:authorize>Or, even cooler, like this:
<sec:authorize url="/admin"> This content will only be visible to users who are authorized to send requests to the "/admin" URL. </sec:authorize url="/admin">It was an easy read, if a little verbose. Some sections were worth skimming, and knowledge of Spring Security is advised before reading.