Proxy Target Retreival

config/src/main/java/org/springframework/security/config/annotation/method/configuration/AuthorizationProxyConfiguration.java

@@ -31,6 +31,7 @@
 import org.springframework.security.authorization.AuthorizationProxyFactory;
 import org.springframework.security.authorization.method.AuthorizationAdvisor;
 import org.springframework.security.authorization.method.AuthorizationAdvisorProxyFactory;
+import org.springframework.security.authorization.method.AuthorizationProxyTargetMethodInterceptor;
 import org.springframework.security.authorization.method.AuthorizeReturnObjectMethodInterceptor;
 import org.springframework.security.config.Customizer;
 
@@ -57,6 +58,16 @@ static MethodInterceptor authorizeReturnObjectMethodInterceptor(ObjectProvider<A
 		return interceptor;
 	}
 
+	@Bean
+	@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
+	static MethodInterceptor authorizationProxyTargetMethodInterceptor(
+			AuthorizationAdvisorProxyFactory authorizationProxyFactory) {
+		AuthorizationProxyTargetMethodInterceptor interceptor = new AuthorizationProxyTargetMethodInterceptor(
+				authorizationProxyFactory);
+		authorizationProxyFactory.addAdvisor(interceptor);
+		return interceptor;
+	}
+
 	@Bean
 	@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
 	static SecurityHintsRegistrar authorizeReturnObjectHintsRegistrar(AuthorizationProxyFactory proxyFactory) {

config/src/main/java/org/springframework/security/config/annotation/method/configuration/MethodSecurityAdvisorRegistrar.java

@@ -46,6 +46,7 @@ public void registerBeanDefinitions(AnnotationMetadata importingClassMetadata, B
 		registerAsAdvisor("securedAuthorization", registry);
 		registerAsAdvisor("jsr250Authorization", registry);
 		registerAsAdvisor("authorizeReturnObject", registry);
+		registerAsAdvisor("authorizationProxyTarget", registry);
 	}
 
 	private void registerAsAdvisor(String prefix, BeanDefinitionRegistry registry) {

config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfigurationTests.java

@@ -977,11 +977,12 @@ void autowireWhenDefaultsThenCreatesExactlyOneAdvisorPerAnnotation() {
 		this.spring.register(MethodSecurityServiceConfig.class).autowire();
 		AuthorizationAdvisorProxyFactory proxyFactory = this.spring.getContext()
 			.getBean(AuthorizationAdvisorProxyFactory.class);
-		assertThat(proxyFactory).hasSize(5);
-		assertThat(this.spring.getContext().getBeanNamesForType(AuthorizationAdvisor.class)).hasSize(5)
+		assertThat(proxyFactory).hasSize(6);
+		assertThat(this.spring.getContext().getBeanNamesForType(AuthorizationAdvisor.class)).hasSize(6)
 			.containsExactlyInAnyOrder("preFilterAuthorizationMethodInterceptor",
 					"preAuthorizeAuthorizationMethodInterceptor", "postAuthorizeAuthorizationMethodInterceptor",
-					"postFilterAuthorizationMethodInterceptor", "authorizeReturnObjectMethodInterceptor");
+					"postFilterAuthorizationMethodInterceptor", "authorizeReturnObjectMethodInterceptor",
+					"authorizationProxyTargetMethodInterceptor");
 	}
 
 	// gh-15592
@@ -990,11 +991,12 @@ void autowireWhenAspectJAutoProxyAndFactoryBeanThenExactlyOneAdvisorPerAnnotatio
 		this.spring.register(AspectJAwareAutoProxyAndFactoryBeansConfig.class).autowire();
 		AuthorizationAdvisorProxyFactory proxyFactory = this.spring.getContext()
 			.getBean(AuthorizationAdvisorProxyFactory.class);
-		assertThat(proxyFactory).hasSize(5);
-		assertThat(this.spring.getContext().getBeanNamesForType(AuthorizationAdvisor.class)).hasSize(5)
+		assertThat(proxyFactory).hasSize(6);
+		assertThat(this.spring.getContext().getBeanNamesForType(AuthorizationAdvisor.class)).hasSize(6)
 			.containsExactlyInAnyOrder("preFilterAuthorizationMethodInterceptor",
 					"preAuthorizeAuthorizationMethodInterceptor", "postAuthorizeAuthorizationMethodInterceptor",
-					"postFilterAuthorizationMethodInterceptor", "authorizeReturnObjectMethodInterceptor");
+					"postFilterAuthorizationMethodInterceptor", "authorizeReturnObjectMethodInterceptor",
+					"authorizationProxyTargetMethodInterceptor");
 	}
 
 	// gh-15651